66 matches found
CVE-2019-13348
In Knowage through 6.1.1, an authenticated user who accesses the datasources page will gain access to any data source credentials in cleartext, which includes databases...
Design/Logic Flaw
In Knowage through 6.1.1, an authenticated user who accesses the datasources page will gain access to any data source credentials in cleartext, which includes databases...
[SECURITY] Fedora 29 Update: c3p0-0.9.5.4-1.fc29
c3p0 is an easy-to-use library for augmenting traditional JDBC drivers with JNDI-bindable DataSources, including DataSources that implement Connection and Statement Pooling, as described by the jdbc3 spec and jdbc2 standard extension...
[SECURITY] Fedora 30 Update: c3p0-0.9.5.4-1.fc30
c3p0 is an easy-to-use library for augmenting traditional JDBC drivers with JNDI-bindable DataSources, including DataSources that implement Connection and Statement Pooling, as described by the jdbc3 spec and jdbc2 standard extension...
Why Asset Management is so important for Vulnerability Management and Infrastructure Security?
When people ask me how should they start building Vulnerability Management process in their organization well, sometimes it happens, I advice them to create an effective Asset Management process first. Because it's the foundation of the whole Infrastructure Security. The term "Asset Management" h...
CVE-2013-3734 - JBoss AS Administration Console - Password Returned in Later Response
Product: Embedded Jopr - JBoss AS Administration Console Vendor: Red Hat Middleware, LLC Version: 1.2 Tested Version: 1.2 Vendor Notified Date: May 29, 2013 Release Date: June 03, 2013 Risk: Moderate Authentication: Required Remote: Yes Description: Passwords submitted to the application are...