Lucene search

28 matches found

OSSF Malicious Packages
added 2026/05/20 1:3 a.m. · 9 views

Malicious code in customerdigital-ui-containers-lib (npm)

Source: amazon-inspector a314a5b253dcb30b2781bda216266b7ab1b49b62eec416bd9be07b48ab46a348 On npm install, postinstall.js collects git identity, OS user/uid, hostname, internal network interface addresses, Cloudflare Pages environment...

5.8 AI score
Exploits: 0 · References: 2
OSSF Malicious Packages
added 2026/05/04 11:30 a.m. · 7 views

Malicious code in cloudauth-sdk (PyPI)

Source: kam193 ccc67c8452789facd5ba7b991c89a1410dc3058f1c8112c16812e8d004efdf0f Package attempts to exfiltrate various credential files. In the analyzed version, the exfiltration target was set as localhost suggesting it's not the final...

5.8 AI score
Exploits: 0 · References: 1
OSV
added 2026/05/04 11:30 a.m. · 1 views

MAL-2026-3325 Malicious code in cloudauth-sdk (PyPI)

Source: kam193 ccc67c8452789facd5ba7b991c89a1410dc3058f1c8112c16812e8d004efdf0f Package attempts to exfiltrate various credential files. In the analyzed version, the exfiltration target was set as localhost suggesting it's not the final...

5.8 AI score
Exploits: 0 · References: 1
OSSF Malicious Packages
added 2026/05/03 9:26 p.m. · 8 views

Malicious code in gauth-client (PyPI)

Source: kam193 aea1fab5eb3b9422c65232e53e79eb71ba3436355601cd61e7a7b0177779df4e Package impersonates Google and attempts to exfiltrate various credential files. It also sets up a PTH file for automated start during Python initialization. In t...

5.8 AI score
Exploits: 0 · References: 1
CVE
added 2026/03/20 10:40 p.m. · 4 views

CVE-2026-32810

Halloy is an IRC app written in Rust. Before commit f180e41061db393acf65bc99f5c5e7397586d9cb, Halloy creates its config directory and files with default umask permissions (typically 0644 files, 0755 dirs), allowing any local user to read plaintext credentials in config.toml or referenced password...

5.5 CVSS · 5.8 AI score · 0.00005 EPSS
Exploits: 1 · References: 2 · Affected Software: 1
Vulnrichment
added 2026/03/20 10:40 p.m. · 2 views

CVE-2026-32810 Halloy has insecure file permissions on credential files

Halloy is an IRC application written in Rust. In versions on *nix and macOS prior to commit f180e41061db393acf65bc99f5c5e7397586d9cb, halloy creates its config directory and files using default umask permissions, which typically results in 0644 on files and 0755 on directories. This allows any...

4.8 CVSS · 5.8 AI score · 0.00005 EPSS
Exploits: 1 · References: 2
CNNVD
added 2026/02/25 12:0 a.m. · 3 views

LORIS Neuroimaging Platform path traversal vulnerability

LORIS Neuroimaging Platform is an open-source neuroimaging platform developed by ACElab. Versions 24.0.0 to 26.0.5, 27.0.2, and 28.0.0 of the LORIS Neuroimaging Platform had path traversal vulnerabilities. These vulnerabilities stem from path traversal attacks, which could lead to the reading of...

8.1 CVSS · 5.8 AI score · 0.00051 EPSS
Exploits: 0 · References: 3
Positive Technologies
added 2026/02/25 12:0 a.m. · 4 views

PT-2026-22025

Name of the Vulnerable Software and Affected Versions: LORIS versions prior to 26.0.5; LORIS versions prior to 27.0.2; LORIS versions prior to 28.0.0. Description: LORIS is a self-hosted web application used for data and project management in neuroimaging research. An authenticated user with appropria...

8.1 CVSS · 5.4 AI score · 0.00051 EPSS
Exploits: 0 · References: 8
Positive Technologies
added 2026/01/07 12:0 a.m. · 3 views

PT-2026-2201

Name of the Vulnerable Software and Affected Versions: affected versions not specified. Description: The system lacks sufficient hardening, potentially allowing a user with management and maintenance access to view files containing credentials in plain text or other valuable information for an...

6.8 CVSS · 6.4 AI score · 0.00019 EPSS
Exploits: 0 · References: 3
CNNVD
added 2025/12/01 12:0 a.m. · 2 views

XWiki Platform access control error vulnerability

XWiki Platform is the XWiki open source suite of Wiki platforms for creating web collaboration applications. An access control error vulnerability exists in XWiki Platform versions 16.7.0 through 16.10.11, 17.4.4, and 17.7.0, which stems from an XJetty package exposure context that could lead to...

8.7 CVSS · 6.5 AI score · 0.00845 EPSS
Exploits: 0 · References: 6
RedhatCVE
added 2025/11/17 6:4 a.m. · 4 views

CVE-2021-4471

TG8 Firewall exposes a directory such as /data/ over HTTP without authentication. This directory stores credential files for previously logged-in users. A remote unauthenticated attacker can enumerate and download files within the directory to obtain valid account usernames and passwords, leading...

8.7 CVSS · 7 AI score · 0.00285 EPSS
Exploits: 0 · References: 1
EUVD
added 2025/11/14 10:50 p.m. · 3 views

EUVD-2021-34722

TG8 Firewall exposes a directory such as /data/ over HTTP without authentication. This directory stores credential files for previously logged-in users. A remote unauthenticated attacker can enumerate and download files within the directory to obtain valid account usernames and passwords, leading...

8.7 CVSS · 6.5 AI score · 0.00285 EPSS
Exploits: 0 · References: 4
CVE
added 2025/11/14 10:50 p.m. · 10 views

CVE-2021-4471

TG8 Firewall exposes a /data/ directory over HTTP without authentication, storing credential files for previously logged-in users. This enables a remote unauthenticated attacker to enumerate and download files to obtain usernames and passwords, leading to loss of confidentiality and potential una...

8.7 CVSS · 6.7 AI score · 0.00285 EPSS
Exploits: 0 · References: 3
CNNVD
added 2025/11/14 12:0 a.m. · 1 views

TG8 Firewall security vulnerability

TG8 Firewall is a firewall from TG8 Inc. A security vulnerability exists in TG8 Firewall that originates from an unauthenticated HTTP directory exposing credential files, which could lead to information disclosure and unauthorized access...

8.7 CVSS · 6.2 AI score · 0.00285 EPSS
Exploits: 0 · References: 4
EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2021-22595

Malware in sbrugna...

7.5 CVSS · 7.6 AI score · 0.00691 EPSS
Exploits: 0 · References: 3
OSV
added 2023/11/23 1:15 p.m. · 1 views

CVE-2023-4595

An information exposure vulnerability has been found, the exploitation of which could allow a remote user to retrieve sensitive information stored on the server such as credential files, configuration files, application files, etc., simply by appending any of the following parameters to the end o...

6.5 CVSS · 5.8 AI score · 0.00084 EPSS
Exploits: 0 · References: 1
Cvelist
added 2023/11/23 12:38 p.m. · 9 views

CVE-2023-4595 Insertion of Sensitive Information into Externally-Accessible File or Directory in BVRP Software SLmail

An information exposure vulnerability has been found, the exploitation of which could allow a remote user to retrieve sensitive information stored on the server such as credential files, configuration files, application files, etc., simply by appending any of the following parameters to the end o...

7.5 CVSS · 7.5 AI score · 0.00084 EPSS
Exploits: 0 · References: 1
Positive Technologies
added 2023/09/19 12:0 a.m. · 1 views

PT-2023-15396 · Ekorccp +1

Name of the Vulnerable Software and Affected Versions: ekorCCP and ekorRCI, affected versions not specified. Description: The issue allows a remote attacker to obtain critical information from various .xml files, including .xml files containing credentials, without being authenticated within the we...

8.2 CVSS · 6.7 AI score · 0.00112 EPSS
Exploits: 0 · References: 7
OSV
added 2023/04/24 3:15 a.m. · 3 views

CVE-2023-31059

Repetier Server through 1.4.10 allows ..%5c directory traversal for reading files that contain credentials, as demonstrated by connectionLost.php...

7.5 CVSS · 7.2 AI score · 0.91209 EPSS
Exploits: 2 · References: 2
Positive Technologies
added 2023/04/24 12:0 a.m. · 2 views

PT-2023-23125 · Unknown · Repetier Server

Name of the Vulnerable Software and Affected Versions: Repetier Server versions prior to 1.4.11. Description: The issue allows directory traversal for reading files that contain credentials. This can be demonstrated by accessing the connectionLost.php file. It is estimated that about 1,766 devices...

7.5 CVSS · 7.8 AI score · 0.91209 EPSS
Exploits: 2 · References: 10