EUVD-2023-46933

Malicious code in bioql PyPI...

CVE-2024-3082

A “CWE-256: Plaintext Storage of a Password” affecting the administrative account allows an attacker with physical access to the machine to retrieve the password in cleartext unless specific security measures at other layers e.g., full-disk encryption have been enabled...

Security Bulletin: IBM Workload Scheduler stores user credentials in plain text.

Summary IBM Workload Scheduler stores user credentials in plain text which can be read by a local user. CVE-2024-49351 Vulnerability Details CVEID:CVE-2024-49351 DESCRIPTION: IBM Workload Scheduler stores user credentials in plain text which can be read by a local user. CWE:CWE-256: Plaintext...

CVE-2024-3082

A “CWE-256: Plaintext Storage of a Password” affecting the administrative account allows an attacker with physical access to the machine to retrieve the password in cleartext unless specific security measures at other layers e.g., full-disk encryption have been enabled...

CVE-2024-3082

A “CWE-256: Plaintext Storage of a Password” affecting the administrative account allows an attacker with physical access to the machine to retrieve the password in cleartext unless specific security measures at other layers e.g., full-disk encryption have been enabled...

CVE-2024-3082

CVE-2024-3082 describes a CWE-256 issue where plaintext storage of the administrative password enables a physical attacker to read the cleartext password. Public sources (NVD, Red Hat, CVE listing aggregations, CNNVD, PT-Security) tie this to admin credentials exposed on the device, with mitigati...

AutomationDirect C-MORE EA9 HMI

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION : Exploitable remotely/low attack complexity Vendor : AutomationDirect Equipment : C-MORE EA9 HMI Vulnerabilities : Path Traversal, Stack-Based Buffer Overflow, Plaintext Storage of a Password 2. RISK EVALUATION Successful exploitation of these...

CVE-2023-42493

EisBaer Scada - CWE-256: Plaintext Storage of a Password...

CVE-2023-42493

CVE-2023-42493 concerns EisBaer Scada where passwords are stored in plaintext. The issue is tied to insecure credential storage in the affected software (EisBaer Scada), with high impact on confidentiality and integrity. Root cause: plaintext password storage. Exploitation details are not provide...

CVE-2023-42493 EisBaer Scada - CWE-256: Plaintext Storage of a Password

EisBaer Scada - CWE-256: Plaintext Storage of a Password...

CVE-2023-42493 EisBaer Scada - CWE-256: Plaintext Storage of a Password

EisBaer Scada - CWE-256: Plaintext Storage of a Password...

Siemans QMS Automotive

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

CVE-2023-26204

A plaintext storage of a password vulnerability CWE-256 in FortiSIEM 6.7 all versions, 6.6 all versions, 6.5 all versions, 6.4 all versions, 6.3 all versions, 6.2 all versions, 6.1 all versions, 5.4 all versions, 5.3 all versions may allow an attacker able to access user DB content to impersonate...

CVE-2023-26204

CVE-2023-26204 describes a plaintext storage of admin credentials in FortiSIEM, affecting Fortinet FortiSIEM versions 6.7, 6.6, 6.5, 6.4, 6.3, 6.2, 6.1, 5.4, and 5.3. The root cause is storage of passwords in plaintext (CWE-256), which may allow an attacker with access to the user database to imp...

CVE-2023-26204

A plaintext storage of a password vulnerability CWE-256 in FortiSIEM 6.7 all versions, 6.6 all versions, 6.5 all versions, 6.4 all versions, 6.3 all versions, 6.2 all versions, 6.1 all versions, 5.4 all versions, 5.3 all versions may allow an attacker able to access user DB content to impersonate...

FortiSIEM - Plaintext credentials storage in DB

A plaintext storage of a password vulnerability CWE-256 in FortiSIEM may allow an attacker able to access user DB content to impersonate any admin user on the device GUI...

Mitsubishi Electric MELSEC iQ-F Series

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric --------- Begin Update A Part 1 of 4 --------- Equipment: MELSEC iQ-F, iQ-R, Q, and L series --------- Begin Update A Part 1 of 4 --------- Vulnerability: Plaintext Storage of...

Motorola Solutions MDLC

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely Vendor: Motorola Solutions Equipment: MDLC Vulnerabilities: Use of a Broken or Risky Cryptographic Algorithm, Plaintext Storage of a Password CISA is aware of a public report, known as “OT:ICEFALL” that details vulnerabilities found...

FortiSIEM - plaintext storage of sensitive data in Windows Agent

A plaintext storage of a password vulnerability CWE-256 in the FortiSIEM Windows Agent may allow an authenticated user to impersonate the agent registered to the Supervisor via reading specific log files...

Joomla RSFirewall 2.11.25 Database Disclosure

Exploit Title : Joomla RSFirewall Components 2.11.25 Database and Password Disclosure Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 25/01/2019 Vendor Homepage : rsjoomla.com Software Download Link : extensions.joomla.org/extension/rsfirewall/ Software...