Lucene search
+L

61 matches found

cve
cve
added 2 hours ago4 views

CVE-2026-62214

OpenClaw Bot Framework (versions before 2026.5.28) contains an input validation flaw in serviceUrl parameters that enables SSRF-style access by lower-trust callers. This misvalidation can allow retrieval of bot tokens and credentials by supplying malicious serviceUrl values through configured inp...

6.5CVSS6.1AI score
Exploits0References2
cve
cve
added 2026/07/07 9:25 a.m.14 views

CVE-2026-14867

PcVue projects store credentials for built-in users insecurely in the User directory, affecting all versions before 17.0.0. A local attacker could retrieve these credentials, impacting confidentiality. Active Directory accounts are not affected. The provided documents do not include explicit reme...

6.8CVSS5.9AI score0.00092EPSS
Exploits0References1Affected Software1
ptsecurity
ptsecurity
added 2026/07/07 12:0 a.m.14 views

PT-2026-56173

Name of the Vulnerable Software and Affected Versions PcVue versions prior to 17.0.0 Description Credentials for built-in users are stored insecurely within the User directory of projects. This allows a local attacker to retrieve these credentials. Active Directory accounts are not affected by th...

6.8CVSS6.1AI score0.00092EPSS
Exploits0References9
nessus
nessus
added 2026/06/23 12:0 a.m.5 views

Automated Logic WebCTRL Storing Passwords in a Recoverable Format (CVE-2025-14295)

CWE-257 Storing Passwords in a Recoverable Format vulnerability exists in Automated Logic WebCTRL and Carrier i-Vu Building Automation System products. An attacker with elevated access can retrieve passwords stored in a recoverable format, potentially compromising credentials and neighboring...

7CVSS5.9AI score0.00158EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/04/09 12:0 a.m.10 views

PT-2026-31694

Name of the Vulnerable Software and Affected Versions OpenPLC V3 affected versions not specified Description OpenPLC V3 is susceptible to a flaw involving the storage of passwords in plaintext. This could allow an attacker to obtain credentials and access sensitive information. Recommendations At...

9.2CVSS5.8AI score0.00297EPSS
Exploits0References6
euvd
euvd
added 2026/01/21 12:31 a.m.10 views

EUVD-2025-206310

Insufficiently Protected Credentials vulnerability in the Credential Field of Milner ImageDirector Capture allows retrieval of credential material and enables database access.This issue affects ImageDirector Capture: from 7.0.9 through 7.6.3.25808...

8.5CVSS5.4AI score0.00169EPSS
Exploits0References2
nvd
nvd
added 2026/01/20 10:15 p.m.10 views

CVE-2025-58741

Insufficiently Protected Credentials vulnerability in the Credential Field of Milner ImageDirector Capture allows retrieval of credential material and enables database access.This issue affects ImageDirector Capture: from 7.0.9 through 7.6.3.25808...

8.5CVSS0.00169EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/01/20 9:36 p.m.3 views

CVE-2025-58741 Insecure Masked Credential Fields Enable Database Credential Access in Milner ImageDirector Capture

Insufficiently Protected Credentials vulnerability in the Credential Field of Milner ImageDirector Capture allows retrieval of credential material and enables database access.This issue affects ImageDirector Capture: from 7.0.9 through 7.6.3.25808...

8.5CVSS5.4AI score0.00169EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 11:28 a.m.22 views

CVE-2021-27392

A vulnerability has been identified in Siveillance Video Open Network Bridge 2020 R3, Siveillance Video Open Network Bridge 2020 R2, Siveillance Video Open Network Bridge 2020 R1, Siveillance Video Open Network Bridge 2019 R3, Siveillance Video Open Network Bridge 2019 R2, Siveillance Video Open...

8.8CVSS6.8AI score0.01183EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 11:24 a.m.15 views

CVE-2021-31857

In Zoho ManageEngine Password Manager Pro before 11.1 build 11104, attackers are able to retrieve credentials via a browser extension for non-website resource types...

5.9CVSS6.8AI score0.02671EPSS
Exploits0References1
cvelist
cvelist
added 2026/01/06 12:0 a.m.30 views

CVE-2025-59379

DwyerOmega Isensix Advanced Remote Monitoring System ARMS 1.5.7 allows an attacker to retrieve sensitive information from the underlying SQL database via Blind SQL Injection through the user parameter in the login page. This allows an attacker to steal credentials, which may be cleartext, from...

0.00341EPSS
Exploits0References3
cnnvd
cnnvd
added 2025/12/11 12:0 a.m.7 views

Siklu MultiHaul TG Series 访问控制错误漏洞

The Siklu MultiHaul TG Series is a series of wireless transmission devices from Siklu designed to provide a reliable high-speed data transmission solution specifically suited for fixed wireless access and connectivity needs in dense urban environments. An Access Control Error vulnerability exists...

8.7CVSS6.7AI score0.00361EPSS
Exploits0References3
cve
cve
added 2025/11/14 1:22 p.m.12 views

CVE-2025-9982

CVE-2025-9982 affects QuickCMS 6.8. The vulnerability is due to sensitive admin credentials hardcoded in a plaintext configuration file, allowing attackers with access to the source code or server filesystem to retrieve credentials and potentially escalate privileges. Only version 6.8 was tested ...

7.5CVSS6.8AI score0.0027EPSS
Exploits0References2Affected Software1
euvd
euvd
added 2025/10/07 12:30 a.m.3 views

EUVD-2021-18732

Malware in sbrugna...

5.9CVSS6AI score0.02671EPSS
Exploits0References3
euvd
euvd
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-7961

Malware in sbrugna...

7.5CVSS7.5AI score0.00994EPSS
Exploits0References3
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-8075

Malware in sbrugna...

9.8CVSS9.5AI score0.02147EPSS
Exploits1References3
euvd
euvd
added 2025/10/07 12:30 a.m.7 views

EUVD-2017-17037

Malware in sbrugna...

9.8CVSS9.5AI score0.01941EPSS
Exploits1References3
euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-5470

Malicious code in bioql PyPI...

7.1CVSS6.6AI score0.00287EPSS
Exploits2References1
cnvd
cnvd
added 2025/09/08 12:0 a.m.3 views

Google Android Missing Privilege Check Vulnerability

Google Android is a free and open source mobile operating system based on the Linux kernel, developed by Google Inc. and the Open Handset Alliance, and is mainly used for smartphones, tablets and other devices. Google Android suffers from a missing privilege check vulnerability, which can be...

5.5CVSS6.1AI score0.00074EPSS
Exploits0References1
cve
cve
added 2025/09/04 5:14 p.m.438 views

CVE-2025-26437

The CVE-2025-26437 issue is described across multiple sources as a missing privilege check in CredentialManagerServiceStub (CredentialManagerService.java), enabling local information disclosure by retrieving candidate credentials without requiring extra privileges. Exploitation is possible withou...

5.5CVSS5AI score0.00074EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder