5 matches found
GitHub Workflow Updater 安全漏洞
GitHub Workflow Updater is a VS Code extension by Richard Tweed Personal Developer. A security vulnerability exists in GitHub Workflow Updater versions prior to 0.0.7, which stems from storing Github tokens in cleartext, which could lead to token disclosure...
EUVD-2025-30269
Malicious code in bioql PyPI...
CVE-2025-34188
Vasion Print formerly PrinterLogic Virtual Appliance Host versions prior to 1.0.735 and Application prior to 20.0.1330 macOS/Linux client deployments contain a vulnerability in the local logging mechanism. Authentication session tokens, including PHPSESSID, XSRF-TOKEN, and laravelsession, are...
PT-2025-38591
Name of the Vulnerable Software and Affected Versions Vasion Print Virtual Appliance Host versions prior to 1.0.735 Vasion Print Application versions prior to 20.0.1330 Description The local logging mechanism in Vasion Print contains a security issue where authentication session tokens, including...
You can’t stop me. MS Teams session hijacking and bypass
How cleartext session tokens are stored in an unsecured directory that can be stolen and used to impersonate a Teams user. TL;DR Microsoft Teams stores unencrypted session tokens and cached conversations in users’ roaming AppData, which can be used by an attacker to gain access to the victim’s...