23 matches found
Security Bulletin: NVIDIA Isaac Launchable - May 2026
NVIDIA has released a software update for NVIDIA® Isaac Launchable. To protect your system, download and install the latest version of Isaac Launchable. Go to NVIDIA Product Security. Details The following table summarizes the potential vulnerabilities that this security update addresses and thei...
EUVD-2017-14749
Malware in sbrugna...
EUVD-2022-32045
Malicious code in bioql PyPI...
EUVD-2022-2588
Malicious code in bioql PyPI...
CVE-2025-7738 Python3.11-django-ansible-base: sensitive authenticator secrets returned in clear text via api in aap
A flaw was found in Ansible Automation Platform AAP where the Gateway API returns the client secret for certain GitHub Enterprise authenticators in clear text. This vulnerability affects administrators or auditors accessing authenticator configurations. While access is limited to privileged users...
CVE-2025-7738 Python3.11-django-ansible-base: sensitive authenticator secrets returned in clear text via api in aap
A flaw was found in Ansible Automation Platform AAP where the Gateway API returns the client secret for certain GitHub Enterprise authenticators in clear text. This vulnerability affects administrators or auditors accessing authenticator configurations. While access is limited to privileged users...
GHSA-V34R-VJ4R-38J6 Updatecli exposes Maven credentials in console output
Summary Private maven repository credentials leaked in application logs in case of unsuccessful retrieval operation. Details During the execution of an updatecli pipeline which contains a maven source configured with basic auth credentials, the credentials are being leaked in the application...
PT-2025-3156 · Xerox · Xerox Workplace Suite
Name of the Vulnerable Software and Affected Versions: Xerox Workplace Suite versions prior to 5.6.701.9 Description: The issue allows attackers to intercept or access sensitive secrets without encryption, as they are exposed in clear text both locally and remotely. Recommendations: For versions...
CVE-2023-5384
A flaw was found in Infinispan. When serializing the configuration for a cache to XML/JSON/YAML, which contains credentials JDBC store with connection pooling, remote store, the credentials are returned in clear text as part of the configuration. Mitigation The issue's impact is limited because...
CVE-2023-36136
PHPJabbers Class Scheduling System 1.0 lacks encryption on the password when editing a user account update user page allowing an attacker to capture all user names and passwords in clear text...
Intergard SGS 安全漏洞
Intergard SGS is a security appliance from the Brazilian company Intergard. A security vulnerability exists in Intergard SGS version 8.7.0, which stems from the presence of an unknown function in the component Change Password Handler, resulting in the transmission of sensitive information in clea...
CVE-2022-39351 Dependency-Track vulnerable to logging of API keys in clear text when handling API requests using keys with insufficient permissions
Dependency-Track is a Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain. Prior to version 4.6.0, performing an API request using a valid API key with insufficient permissions causes the API key to be written to Dependency-Track's audit...
CVE-2022-0207
A race condition was found in vdsm. Functionality to obfuscate sensitive values in log files that may lead to values being stored in clear text...
CVE-2021-28508
This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might leak IPsec sensitive data in clear text in CVP to...
CVE-2021-23884 Clear text exposure of password in McAfee CSR ePO extension
Cleartext Transmission of Sensitive Information vulnerability in the ePO Extension of McAfee Content Security Reporter CSR prior to 2.8.0 allows an ePO administrator to view the unencrypted password of the McAfee Web Gateway MWG or the password of the McAfee Web Gateway Cloud Server MWGCS read on...
postgresql: Reconnection can downgrade connection security settings
A flaw was found in postgresql. If a client application that creates additional database connections only reuses the basic connection parameters while dropping security-relevant parameters, an opportunity for a man-in-the-middle attack, or the ability to observe clear-text transmissions, could...
postgresql: Reconnection can downgrade connection security settings
A flaw was found in postgresql. If a client application that creates additional database connections only reuses the basic connection parameters while dropping security-relevant parameters, an opportunity for a man-in-the-middle attack, or the ability to observe clear-text transmissions, could...
postgresql: Reconnection can downgrade connection security settings
A flaw was found in postgresql. If a client application that creates additional database connections only reuses the basic connection parameters while dropping security-relevant parameters, an opportunity for a man-in-the-middle attack, or the ability to observe clear-text transmissions, could...
A flaw was found in PostgreSQL versions before 13.1 before 12.5 before 11.10 before 10.15 before 9.6.20 and before 9.5.24. If a client application that creates additional database connections only reuses the basic connection parameters while dropping security-relevant parameters an opportunity for a man-in-the-middle attack or the ability to observe clear-text transmissions could exist. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
...
mina-core: Retaining an open socket in close_notify SSL-TLS leading to Information disclosure.
A cryptographic protocol integrity flaw was discovered in Apache Mina. The closure of a TLS session would not always result in closure of the socket, allowing the conversation to continue in clear text. This could undermine the confidentiality of a connection and potentially disclose sensitive...