61 matches found
CVE-2026-62214
OpenClaw Bot Framework (versions before 2026.5.28) contains an input validation flaw in serviceUrl parameters that enables SSRF-style access by lower-trust callers. This misvalidation can allow retrieval of bot tokens and credentials by supplying malicious serviceUrl values through configured inp...
CVE-2026-14867
PcVue projects store credentials for built-in users insecurely in the User directory, affecting all versions before 17.0.0. A local attacker could retrieve these credentials, impacting confidentiality. Active Directory accounts are not affected. The provided documents do not include explicit reme...
PT-2026-56173
Name of the Vulnerable Software and Affected Versions PcVue versions prior to 17.0.0 Description Credentials for built-in users are stored insecurely within the User directory of projects. This allows a local attacker to retrieve these credentials. Active Directory accounts are not affected by th...
Automated Logic WebCTRL Storing Passwords in a Recoverable Format (CVE-2025-14295)
CWE-257 Storing Passwords in a Recoverable Format vulnerability exists in Automated Logic WebCTRL and Carrier i-Vu Building Automation System products. An attacker with elevated access can retrieve passwords stored in a recoverable format, potentially compromising credentials and neighboring...
PT-2026-31694
Name of the Vulnerable Software and Affected Versions OpenPLC V3 affected versions not specified Description OpenPLC V3 is susceptible to a flaw involving the storage of passwords in plaintext. This could allow an attacker to obtain credentials and access sensitive information. Recommendations At...
EUVD-2025-206310
Insufficiently Protected Credentials vulnerability in the Credential Field of Milner ImageDirector Capture allows retrieval of credential material and enables database access.This issue affects ImageDirector Capture: from 7.0.9 through 7.6.3.25808...
CVE-2025-58741
Insufficiently Protected Credentials vulnerability in the Credential Field of Milner ImageDirector Capture allows retrieval of credential material and enables database access.This issue affects ImageDirector Capture: from 7.0.9 through 7.6.3.25808...
CVE-2025-58741 Insecure Masked Credential Fields Enable Database Credential Access in Milner ImageDirector Capture
Insufficiently Protected Credentials vulnerability in the Credential Field of Milner ImageDirector Capture allows retrieval of credential material and enables database access.This issue affects ImageDirector Capture: from 7.0.9 through 7.6.3.25808...
CVE-2021-27392
A vulnerability has been identified in Siveillance Video Open Network Bridge 2020 R3, Siveillance Video Open Network Bridge 2020 R2, Siveillance Video Open Network Bridge 2020 R1, Siveillance Video Open Network Bridge 2019 R3, Siveillance Video Open Network Bridge 2019 R2, Siveillance Video Open...
CVE-2021-31857
In Zoho ManageEngine Password Manager Pro before 11.1 build 11104, attackers are able to retrieve credentials via a browser extension for non-website resource types...
CVE-2025-59379
DwyerOmega Isensix Advanced Remote Monitoring System ARMS 1.5.7 allows an attacker to retrieve sensitive information from the underlying SQL database via Blind SQL Injection through the user parameter in the login page. This allows an attacker to steal credentials, which may be cleartext, from...
Siklu MultiHaul TG Series 访问控制错误漏洞
The Siklu MultiHaul TG Series is a series of wireless transmission devices from Siklu designed to provide a reliable high-speed data transmission solution specifically suited for fixed wireless access and connectivity needs in dense urban environments. An Access Control Error vulnerability exists...
CVE-2025-9982
CVE-2025-9982 affects QuickCMS 6.8. The vulnerability is due to sensitive admin credentials hardcoded in a plaintext configuration file, allowing attackers with access to the source code or server filesystem to retrieve credentials and potentially escalate privileges. Only version 6.8 was tested ...
EUVD-2021-18732
Malware in sbrugna...
EUVD-2019-7961
Malware in sbrugna...
EUVD-2018-8075
Malware in sbrugna...
EUVD-2017-17037
Malware in sbrugna...
EUVD-2025-5470
Malicious code in bioql PyPI...
Google Android Missing Privilege Check Vulnerability
Google Android is a free and open source mobile operating system based on the Linux kernel, developed by Google Inc. and the Open Handset Alliance, and is mainly used for smartphones, tablets and other devices. Google Android suffers from a missing privilege check vulnerability, which can be...
CVE-2025-26437
The CVE-2025-26437 issue is described across multiple sources as a missing privilege check in CredentialManagerServiceStub (CredentialManagerService.java), enabling local information disclosure by retrieving candidate credentials without requiring extra privileges. Exploitation is possible withou...