Lucene search
K

18 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:27 p.m.10 views

CVE-2026-22576

A storing passwords in a recoverable format vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.4, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.4, FortiSOAR on-premise 7.5.0 through 7.5.2,...

6.5CVSS5.5AI score0.00263EPSS
Exploits0References1
NVD
NVD
added 2026/04/14 4:16 p.m.3 views

CVE-2026-22576

A storing passwords in a recoverable format vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.4, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.4, FortiSOAR on-premise 7.5.0 through 7.5.2,...

6.5CVSS0.00263EPSS
Exploits0References1
CVE
CVE
added 2026/04/14 3:38 p.m.16 views

CVE-2026-22576

CVE-2026-22576 affects Fortinet FortiSOAR PaaS (7.3–7.6) and FortiSOAR on‑premise (7.3–7.6). The underlying issue is storing passwords in a recoverable format, enabling an authenticated remote attacker to retrieve passwords for multiple installed connectors by modifying the server address in conn...

6.5CVSS5.8AI score0.00263EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/14 3:38 p.m.3 views

CVE-2026-22576

A storing passwords in a recoverable format vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.4, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.4, FortiSOAR on-premise 7.5.0 through 7.5.2,...

4.3CVSS5.8AI score0.00263EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.7 views

PT-2026-32668

A storing passwords in a recoverable format vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.4, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.4, FortiSOAR on-premise 7.5.0 through 7.5.2,...

4.3CVSS5.8AI score0.00263EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/14 12:0 a.m.8 views

Fortinet FortiSOAR PaaS和Fortinet FortiSOAR on-premise 安全漏洞

Fortinet FortiSOAR PaaS and Fortinet FortiSOAR on-premise are security orchestration, automation, and response software developed by Fortinet, a US-based company. Both versions of Fortinet FortiSOAR PaaS and Fortinet FortiSOAR on-premise have security vulnerabilities. These vulnerabilities stem...

6.5CVSS5.9AI score0.00263EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-1794

Malicious code in bioql PyPI...

4.9CVSS6.6AI score0.00408EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 9:14 a.m.4 views

CVE-2024-31493

An improper removal of sensitive information before storage or transfer vulnerability CWE-212 in FortiSOAR version 7.3.0, version 7.2.2 and below, version 7.0.3 and below may allow an authenticated low privileged user to read Connector passwords in plain-text via HTTP responses...

6.5CVSS6.4AI score0.00527EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/01/23 11:15 a.m.3 views

CVE-2025-0619

Unsafe password recovery from configuration in M-Files Server before 25.1 allows a highly privileged user to recover external connector passwords...

4.9CVSS5.3AI score0.00408EPSS
Exploits0References3
OSV
OSV
added 2025/01/23 11:15 a.m.6 views

CVE-2025-0619

Unsafe password recovery from configuration in M-Files Server before 25.1 allows a highly privileged user to recover external connector passwords...

4.9CVSS5.8AI score0.00408EPSS
Exploits0References2
NVD
NVD
added 2025/01/23 11:15 a.m.11 views

CVE-2025-0619

Unsafe password recovery from configuration in M-Files Server before 25.1 allows a highly privileged user to recover external connector passwords...

4.9CVSS0.00408EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/01/23 11:7 a.m.8 views

CVE-2025-0619 Unsafe stored password recovery

Unsafe password recovery from configuration in M-Files Server before 25.1 allows a highly privileged user to recover external connector passwords...

4.6CVSS6.6AI score0.00408EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/01/23 11:7 a.m.24 views

CVE-2025-0619 Unsafe stored password recovery

Unsafe password recovery from configuration in M-Files Server before 25.1 allows a highly privileged user to recover external connector passwords...

4.6CVSS0.00408EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/01/23 12:0 a.m.7 views

M-Files Server 安全漏洞

M-Files Server is a server for the M-Files system from M-Files, Inc. A security vulnerability exists in versions of M-Files Server prior to 25.1, which stems from allowing insecure passwords to be set. An attacker could exploit the vulnerability to recover external connector passwords...

4.9CVSS6.6AI score0.00408EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/01/23 12:0 a.m.26 views

PT-2025-3985 · M Files · M-Files Server

Name of the Vulnerable Software and Affected Versions: M-Files Server versions prior to 25.1 Description: The issue allows a highly privileged user to recover external connector passwords due to unsafe password recovery from the configuration. Recommendations: For versions prior to 25.1, update t...

4.6CVSS7.3AI score0.00408EPSS
Exploits0References6
OSV
OSV
added 2024/06/03 8:15 a.m.5 views

CVE-2024-31493

An improper removal of sensitive information before storage or transfer vulnerability CWE-212 in FortiSOAR version 7.3.0, version 7.2.2 and below, version 7.0.3 and below may allow an authenticated low privileged user to read Connector passwords in plain-text via HTTP responses...

6.5CVSS5.8AI score0.00527EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/06/03 12:0 a.m.4 views

PT-2024-24119 · Fortinet · Fortisoar

Name of the Vulnerable Software and Affected Versions: FortiSOAR versions 7.0.3 and below FortiSOAR versions 7.2.2 and below FortiSOAR version 7.3.0 Description: The issue allows an authenticated low privileged user to read Connector passwords in plain-text via HTTP responses due to an improper...

6.5CVSS6.5AI score0.00527EPSS
Exploits0References4
Oracle linux
Oracle linux
added 2020/11/10 12:0 a.m.153 views

idm:DL1 and idm:client security, bug fix, and enhancement update

bind-dyndb-ldap 11.3-1 - New upstream release - Resolves: rhbz1845211 ipa 4.8.7-12.0.1 - Set IPAPLATFORM=rhel when build on Oracle Linux Orabug: 29516674 4.8.7-12 - Require selinux sub package in the proper version Related: RHBZ1868432 - SELinux: do not double-define nodet and pkitomcatcertt...

6.9CVSS6.9AI score0.99019EPSS
Exploits16
Rows per page
Query Builder