CVE-2024-23551

Database scanning using username and password stores the credentials in plaintext or encoded format within files at the endpoint. This has been identified as a significant security risk. This will lead to exposure of sensitive information for unauthorized access, potentially leading to severe...

Data anonymiser does not blank out SMTP server username and password

SMTP server username and password are readable in database/xml export: This can possible security leak e.g. when you sent support request, where you send database export to support. Anonymizer does not remove these values. ---- Username and password should be encoded format in database...

CVE-2006-4654

Format string vulnerability in Easy Address Book Web Server 1.2 allows remote attackers to cause a denial of service crash or "compromise the server" via encoded format string specifiers in the query string...

CVE-2005-1122

Format string vulnerability in cgi.c for Monkey daemon monkeyd before 0.9.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an HTTP GET request containing double-encoded format string specifiers aka "double expansion error"...

CVE-2005-1122

The CVE-2005-1122 entry concerns the Monkey HTTP Server component monkeyd, specifically a format string vulnerability in cgi.c prior to version 0.9.1. A remote attacker can trigger a denial of service and potentially arbitrary code execution by sending an HTTP GET request containing double-encode...