Lucene search
+L

38 matches found

CNVD
CNVD
added 2022/11/18 12:0 a.m.25 views

IBM Sterling Partner Engagement Manager Information Disclosure Vulnerability (CNVD-2022-85417)

An information disclosure vulnerability exists in IBM Sterling Partner Engagement Manager version 2.0, an automated management tool from International Business Machines Corporation IBM. The vulnerability stems from inadequate protection of sensitive information and encrypted storage of locally...

4CVSS2.5AI score0.00191EPSS
Exploits0References1
NVD
NVD
added 2022/11/16 5:15 p.m.18 views

CVE-2022-34354

IBM Sterling Partner Engagement Manager 2.0 allows encrypted storage of client data to be stored locally which can be read by another user on the system. IBM X-Force ID: 230424...

4CVSS0.00191EPSS
Exploits0References2
CVE
CVE
added 2022/11/16 4:25 p.m.81 views

CVE-2022-34354

Affected product: IBM Sterling Partner Engagement Manager 2.0. The vulnerability is an information disclosure where encrypted client data stored locally can be read by another user on the same system. Root cause: inadequate protection of locally stored data leading to exposure. Impact: confidenti...

4CVSS3.4AI score0.00191EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/11/16 4:25 p.m.5 views

CVE-2022-34354 IBM Sterling Partner Engagement Manager information disclosure

IBM Sterling Partner Engagement Manager 2.0 allows encrypted storage of client data to be stored locally which can be read by another user on the system. IBM X-Force ID: 230424...

4CVSS3.7AI score0.00191EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/11/16 4:25 p.m.19 views

CVE-2022-34354 IBM Sterling Partner Engagement Manager information disclosure

IBM Sterling Partner Engagement Manager 2.0 allows encrypted storage of client data to be stored locally which can be read by another user on the system. IBM X-Force ID: 230424...

4CVSS4AI score0.00191EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/11/16 12:0 a.m.5 views

IBM Sterling Partner Engagement Manager 安全漏洞

An information disclosure vulnerability exists in IBM Sterling Partner Engagement Manager version 2.0, an automated management tool from International Business Machines Corporation IBM. The vulnerability stems from inadequate protection of sensitive information and encrypted storage of locally...

4CVSS5.8AI score0.00191EPSS
Exploits0References4
OSV
OSV
added 2022/05/24 5:22 p.m.22 views

GHSA-3F82-V3QW-53Q7 Passwords transmitted in plain text by Jenkins Stash Branch Parameter Plugin

Stash Branch Parameter Plugin stores Stash API passwords in its global configuration file org.jenkinsci.plugins.StashBranchParameter.StashBranchParameterDefinition.xml on the Jenkins controller as part of its configuration. While the password is stored encrypted on disk, it is transmitted in plai...

3.1CVSS4.5AI score0.00657EPSS
Exploits0References4
0day.today
0day.today
added 2022/01/17 12:0 a.m.263 views

Cisco IP Phone Cleartext Password Storage Vulnerability

Cisco IP Phone Series 78x1, 88x5, 88x1, 7832, 8832, 8821 and 3905 suffer from an insecure password storage vulnerability. ======================================================================= title: Cleartext Storage of Phone Password product: Cisco IP Phone Series 78x1, 88x5, 88x1, 7832, 8832,...

4.6CVSS5.6AI score0.00351EPSS
Exploits3
Positive Technologies
Positive Technologies
added 2020/09/01 12:0 a.m.6 views

PT-2020-15459 · Jenkins · Jenkins Parameterized Trigger Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Parameterized Remote Trigger Plugin versions 3.1.3 and earlier Description: The issue concerns the storage of a secret in an unencrypted form within the global configuration file on the Jenkins controller. Specifically, the secret is...

4.3CVSS4.4AI score0.00524EPSS
Exploits0References7
CNVD
CNVD
added 2020/06/28 12:0 a.m.5 views

Boole Server BooleBox Secure File Sharing Utility Injection Vulnerability

Boole Server BooleBox Secure File Sharing Utility is a file sharing system from Boole Server Italy. The system is mainly used for encrypted file storage and sharing. An injection vulnerability exists in Boole Server BooleBox Secure File Sharing Utility. The vulnerability can be exploited to execu...

8.5CVSS7.5AI score0.00965EPSS
Exploits1References1
Cvelist
Cvelist
added 2020/04/16 6:48 p.m.14 views

CVE-2020-11826

Users can lock their notes with a password in Memono version 3.8. Thus, users needs to know a password to read notes. However, these notes are stored in a database without encryption and an attacker can read the password-protected notes without having the password. Notes are stored in the ZENTITY...

7.5AI score0.00501EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2019/09/25 12:0 a.m.7 views

PT-2019-11809 · Jenkins · Jenkins Violation Comments To Gitlab Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Violation Comments to GitLab Plugin version 2.28 and earlier Description: The issue concerns the storage of credentials in an unencrypted manner. Specifically, the plugin stored API tokens unencrypted in job config.xml files and its...

6.5CVSS6.2AI score0.01068EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2019/07/11 12:0 a.m.8 views

PT-2019-11747 · Jenkins · Jenkins Gogs Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Gogs Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted form in job config.xml files on the Jenkins master or controller. These credentials can be accessed by users with...

8.8CVSS8.4AI score0.01668EPSS
Exploits0References8
The Hacker News
The Hacker News
added 2018/05/03 2:0 p.m.1 views

Get Dashlane Password Manager Premium (50% + 10% OFF)

Happy 'World Password Day'! Today is a good time for you to audit your password practices and stop using terrible passwords to protect your online accounts. Experts advice that: Your password must—be long Your password must—be unpredictable Your password must—have at least one number Your passwor...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2017/01/10 11:39 p.m.17 views

Secure Your Enterprise With Zoho Vault Password Management Software

Recent data breaches have taught us something very important — online users are spectacularly bad at choosing their strong passwords. Today majority of online users are vulnerable to cyber attacks, not because they are not using any best antivirus or other security measures, but because they are...

6.9AI score
Exploits0
OSV
OSV
added 2016/09/26 3:59 p.m.3 views

CVE-2016-5746

libstorage, libstorage-ng, and yast-storage improperly store passphrases for encrypted storage devices in a temporary file on disk, which might allow local users to obtain sensitive information by reading the file, as demonstrated by /tmp/libstorage-XXXXXX/pwdf...

5.1CVSS5.8AI score0.00499EPSS
Exploits0References10
Fedora
Fedora
added 2012/09/04 10:58 p.m.28 views

[SECURITY] Fedora 17 Update: gnome-keyring-3.4.1-3.fc17

The gnome-keyring session daemon manages passwords and other types of secrets for the user, storing them encrypted with a main password. Applications can use the gnome-keyring library to integrate with the keyrin g...

4.4CVSS2.1AI score0.00477EPSS
Exploits1
ThreatPost
ThreatPost
added 2011/09/22 4:2 p.m.7 views

Secure Boot in Windows 8 Worries Researchers

Windows 8, like Windows 7 and Vista before it, is being touted as the most secure version of Windows ever. In past releases, many of the security improvements have come through exploit mitigations such as ASLR and DEP and better software security practices during development. In Windows 8, howeve...

1AI score
Exploits0References5
Rows per page
Query Builder