Lucene search
K

628 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-53825

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00902EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.21 views

EUVD-2022-0048

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00763EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/07/31 12:33 a.m.8 views

CVE-2025-52490

An issue was discovered in Couchbase Sync Gateway before 3.2.6. In sgcollectinfooptions.log and syncgateway.log, there are cleartext passwords in redacted and unredacted output...

7.3CVSS7.2AI score0.0018EPSS
Exploits0References1
OSV
OSV
added 2025/07/29 9:30 p.m.6 views

GHSA-PQHP-4XFC-HJGQ Couchbase Sync Gateway shows cleartext passwords in redacted and unredacted output

An issue was discovered in Couchbase Sync Gateway before 3.2.6. In sgcollectinfooptions.log and syncgateway.log, there are cleartext passwords in redacted and unredacted output...

7.3CVSS5.4AI score0.0018EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2025/07/29 9:30 p.m.9 views

Couchbase Sync Gateway shows cleartext passwords in redacted and unredacted output

An issue was discovered in Couchbase Sync Gateway before 3.2.6. In sgcollectinfooptions.log and syncgateway.log, there are cleartext passwords in redacted and unredacted output...

7.3CVSS5.4AI score0.0018EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2025/07/29 8:15 p.m.5 views

CVE-2025-52490

An issue was discovered in Couchbase Sync Gateway before 3.2.6. In sgcollectinfooptions.log and syncgateway.log, there are cleartext passwords in redacted and unredacted output...

7.3CVSS0.0018EPSS
Exploits0References3
PyPA
PyPA
added 2025/07/29 8:15 p.m.11 views

PYSEC-2025-101

An issue was discovered in Couchbase Sync Gateway before 3.2.6. In sgcollectinfooptions.log and syncgateway.log, there are cleartext passwords in redacted and unredacted output...

7.3CVSS5.8AI score0.0018EPSS
Exploits0References3Affected Software1
vulnersOsv
vulnersOsv
added 2025/07/29 8:15 p.m.7 views

casbin-couchbase-adapter (>=0.1.3 <=0.1.4), pycouchbase (>=0.1.0.dev1 <=0.1.0b1) +1 more potentially affected by CVE-2025-52490 via couchbase (>=2.0.0 <=2.5.12)

couchbase PYPI version =2.0.0, =0.1.3, =0.1.0.dev1, =1.0.4, =2.0.2 Source cves: CVE-2025-52490 Source advisory: OSV:PYSEC-2025-101...

7.3CVSS5.8AI score0.0018EPSS
Exploits0
OSV
OSV
added 2025/07/29 8:15 p.m.6 views

CVE-2025-52490

An issue was discovered in Couchbase Sync Gateway before 3.2.6. In sgcollectinfooptions.log and syncgateway.log, there are cleartext passwords in redacted and unredacted output...

7.3CVSS5.8AI score0.0018EPSS
Exploits0References3
OSV
OSV
added 2025/07/29 8:15 p.m.8 views

PYSEC-2025-101

An issue was discovered in Couchbase Sync Gateway before 3.2.6. In sgcollectinfooptions.log and syncgateway.log, there are cleartext passwords in redacted and unredacted output...

7.3CVSS5.8AI score0.0018EPSS
Exploits0References3
CVE
CVE
added 2025/07/29 12:0 a.m.26 views

CVE-2025-52490

CVE-2025-52490 affects Couchbase Sync Gateway versions prior to 3.2.6. The issue arises from cleartext passwords appearing in redacted and unredacted output in sgcollect_info_options.log and sync_gateway.log, enabling potential information disclosure. The linked advisories indicate upgrading to a...

7.3CVSS7.2AI score0.0018EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2025/07/29 12:0 a.m.6 views

PT-2025-31263

Name of the Vulnerable Software and Affected Versions Couchbase Sync Gateway versions prior to 3.2.6 Description An issue was discovered where cleartext passwords were present in both redacted and unredacted output within the sgcollect info options.log and sync gateway.log files. Recommendations...

7.3CVSS5.8AI score0.0018EPSS
Exploits0References13
Vulnrichment
Vulnrichment
added 2025/07/29 12:0 a.m.3 views

CVE-2025-52490

An issue was discovered in Couchbase Sync Gateway before 3.2.6. In sgcollectinfooptions.log and syncgateway.log, there are cleartext passwords in redacted and unredacted output...

6.6AI score0.0018EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/07/29 12:0 a.m.4 views

Couchbase Sync Gateway 安全漏洞

Couchbase Sync Gateway is a secure web gateway for data access and data synchronization over the web from Couchbase, Inc. A security vulnerability exists in Couchbase Sync Gateway versions prior to 3.2.6, which stems from logs containing plaintext passwords that could lead to information disclosu...

7.3CVSS6.3AI score0.0018EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/07/29 12:0 a.m.9 views

CVE-2025-52490

An issue was discovered in Couchbase Sync Gateway before 3.2.6. In sgcollectinfooptions.log and syncgateway.log, there are cleartext passwords in redacted and unredacted output...

0.0018EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/06/23 8:41 a.m.8 views

CVE-2025-49015

The Couchbase .NET SDK client library before 3.7.1 does not properly enable hostname verification for TLS certificates. In fact, the SDK was also using IP addresses instead of hostnames due to a configuration option that was incorrectly enabled by default...

4.9CVSS7.2AI score0.00192EPSS
Exploits0References1
OSV
OSV
added 2025/06/18 3:31 p.m.6 views

GHSA-PX2C-R924-MWCC Couchbase .NET SDK (client library) does not properly enable hostname verification for TLS certificates

The Couchbase .NET SDK client library before 3.7.1 does not properly enable hostname verification for TLS certificates. In fact, the SDK was also using IP addresses instead of hostnames due to a configuration option that was incorrectly enabled by default...

4.9CVSS7AI score0.00192EPSS
Exploits0References6
Snyk
Snyk
added 2025/06/18 3:31 p.m.5 views

Improper Validation of Certificate with Host Mismatch

Overview CouchbaseNetClient is a the Official Couchbase .NET SDK. Affected versions of this package are vulnerable to Improper Validation of Certificate with Host Mismatch in the TLS certificate validation process. An attacker can intercept sensitive information by performing a man-in-the-middle...

6.9CVSS6.5AI score0.00192EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2025/06/18 3:31 p.m.9 views

Couchbase .NET SDK (client library) does not properly enable hostname verification for TLS certificates

The Couchbase .NET SDK client library before 3.7.1 does not properly enable hostname verification for TLS certificates. In fact, the SDK was also using IP addresses instead of hostnames due to a configuration option that was incorrectly enabled by default...

4.9CVSS5AI score0.00192EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2025/06/18 2:15 p.m.3 views

CVE-2025-49015

The Couchbase .NET SDK client library before 3.7.1 does not properly enable hostname verification for TLS certificates. In fact, the SDK was also using IP addresses instead of hostnames due to a configuration option that was incorrectly enabled by default...

4.9CVSS5.8AI score0.00192EPSS
Exploits0References3
Rows per page
Query Builder