181 matches found
TRUfusion Enterprise <= 7.10.4.0 - Path Traversal
Pre-Auth Path Traversal Allowing to Leak Local server files disclosing sensitive clear-text passwords. id: CVE-2025-27222 info: name: TRUfusion Enterprise = 7.10.4.0 - Path Traversal author: DhiyaneshDK,rcesecurity severity: critical description: | Pre-Auth Path Traversal Allowing to Leak Local...
CVE-2025-12680
Brocade SANnav before Brocade SANnav 2.4.0b logs database passwords in clear text in the standby SANnav server, after disaster recovery failover. The vulnerability could allow a remote authenticated attacker with admin privilege able to access the SANnav logs or the supportsave to read the databa...
CVE-2025-12680
Brocade SANnav before Brocade SANnav 2.4.0b logs database passwords in clear text in the standby SANnav server, after disaster recovery failover. The vulnerability could allow a remote authenticated attacker with admin privilege able to access the SANnav logs or the supportsave to read the databa...
CVE-2021-33325
The Portal Workflow module in Liferay Portal 7.3.2 and earlier, and Liferay DXP 7.0 before fix pack 93, 7.1 before fix pack 19, and 7.2 before fix pack 7, user's clear text passwords are stored in the database if workflow is enabled for user creation, which allows attackers with access to the...
iWT FaceSentry Access Control System 安全漏洞
iWT FaceSentry Access Control System is a face recognition access control system from the Chinese company iWT. A security vulnerability exists in iWT FaceSentry Access Control System version 6.4.8, which originates from storing passwords in clear text and could lead to credential disclosure...
CVE-2022-50591
Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability within the ‘ztpconfigid’ parameter to the ‘NetworkServlet’ endpoint. Successful...
CVE-2022-50591
Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability within the ‘ztpconfigid’ parameter to the ‘NetworkServlet’ endpoint. Successful...
CVE-2022-50594
Advantech iView is affected: versions prior to v5.7.04 build 6425. The issue arises from a lack of validation in the data parameter of the NetworkServlet endpoint, enabling a SQL injection via the SNMP management tool. Remote attackers can bypass authentication and exploit this to disclose data, ...
PT-2025-45366
Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability within the ‘ztp config id’ parameter to the ‘NetworkServlet’ endpoint. Successful...
pgcodekeeper 安全漏洞
pgCodeKeeper is an open source Eclipse plugin for database schema management from pgCodeKeeper. A security vulnerability exists in pgcodekeeper version 10.12.0, which stems from storing passwords and usernames in clear text and could lead to the disclosure of sensitive information...
EUVD-2020-2505
Malware in sbrugna...
EUVD-2021-20034
Malware in sbrugna...
EUVD-2018-19494
Malware in sbrugna...
EUVD-2021-15174
Malware in sbrugna...
EUVD-2017-3711
Malware in sbrugna...
EUVD-2020-0065
Malware in sbrugna...
EUVD-2020-18340
Malware in sbrugna...
EUVD-2019-15190
Malware in sbrugna...
EUVD-2025-31635
Malicious code in bioql PyPI...
EUVD-2023-26629
Malicious code in bioql PyPI...