889 matches found
CVE-2021-44793
CVE-2021-44793 affects Single Connect via the sc-reports-ui module, where a missing authorization check allows a remote attacker to access the device configuration page and export data. The attacker could potentially obtain sensitive information including database credentials; the database runs ...
CVE-2021-44793 Information Leakage via Unauthorized Access in Single Connect
Single Connect does not perform an authorization check when using the "sc-reports-ui" module. A remote attacker could exploit this vulnerability to access the device configuration page and export the data to an external file. The exploitation of this vulnerability might allow a remote attacker to...
Kron Single Connect Security Vulnerability
Kron Single Connect is a comprehensive Privileged Access Management (PAM) software suite from Kron Turkey, designed to create a flexible, centrally managed and layered defense security architecture against insider threats. A security vulnerability exists in Kron Single Connect that stems from. Sing...
PT-2022-12234
Name of the Vulnerable Software and Affected Versions: Single Connect (affected versions not specified). Description: The issue arises from the lack of an authorization check in the sc-reports-ui module, allowing a remote attacker to access the device configuration page and export data to an external...
CVE-2021-43978
Allegro Windows 3.3.4152.0 embeds software administrator database credentials into its binary files, which allows users to access and modify data using the same credentials...
CVE-2021-43978
CVE-2021-43978 affects Allegro Windows 3.3.4152.0. The vulnerability arises because the product embeds software administrator database credentials into its binary files, enabling users to access and modify data with the same credentials. The available sources confirm the issue but do not provide ...
GoDaddy Data Breach Exposes Over 1 Million WordPress Customers' Data
Web hosting giant GoDaddy on Monday disclosed a data breach that resulted in the unauthorized access of data belonging to a total of 1.2 million active and inactive customers, making it the third security incident to come to light since 2018. In a filing with the U.S. Securities and Exchange...
Siemens SIMATIC RTLS Locating Manager Sensitive Information Explicit Storage Vulnerability
SIMATIC RTLS Locating Manager is used to configure, operate, and maintain SIMATIC RTLS units, a real-time wireless positioning system that provides positioning solutions. A security vulnerability exists in Siemens SIMATIC RTLS Locating Manager, which stems from the fact that the application writes...
CVE-2021-40519
Airangel HSMX Gateway devices through 5.2.04 have Hard-coded Database Credentials...
Hardcoded credentials
Airangel HSMX Gateway devices through 5.2.04 have Hard-coded Database Credentials...
CVE-2021-40519
Airangel HSMX Gateway devices prior to version 5.2.04 have hard-coded PostgreSQL database credentials embedded in the configuration file, according to multiple sources. This root cause allows an attacker to connect to the HSMX database over the network, potentially enabling unauthorized access to...
CVE-2020-10053
A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.12). The affected application writes sensitive data, such as database credentials, in configuration files. A local attacker with access to the configuration files could use this information to launch further attack...
Design/Logic Flaw
A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.12). The affected application writes sensitive data, such as database credentials, in configuration files. A local attacker with access to the configuration files could use this information to launch further attack...
CVE-2020-10053
CVE-2020-10053 affects Siemens SIMATIC RTLS Locating Manager prior to version 2.12. The vulnerability stems from the application writing sensitive data, such as database credentials, in configuration files, enabling a local attacker with access to those files to leverage the information for furth...
SIMATIC RTLS Security Vulnerability
SIMATIC RTLS Locating Manager is used to configure, operate, and maintain SIMATIC RTLS units, a real-time wireless positioning system that provides positioning solutions. A security vulnerability exists in Siemens SIMATIC RTLS Locating Manager, which stems from the fact that the application writes...
CVE-2021-31601
An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence Server through 7.x. They implement a series of web services using the SOAP protocol to allow scripting interaction with the backend server. An authenticated user regardless of privileges can list all...
CVE-2021-39458
In Yakamara Media Redaxo CMS version 5.12.1, an authenticated CMS user can trigger an error page of the import process by altering the files of a valid file backup. This leads to leaking the database credentials in the environment variables...