CVE-2025-6571

CVE-2025-6571 affects AXIS OS (Axis edge device OS). A third-party component exposes its password in process arguments, allowing low-privilege users to access it. The available documents describe the root cause (password exposure in parameters) and the impact (local access by low-privilege users)...

EUVD-2024-19977

Malicious code in bioql PyPI...

CVE-2025-27662

Vasion Print formerly PrinterLogic before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Password in URL OVE-20230524-0005...

Design/Logic Flaw

Dell Data Protection Search 19.2.0 and above contain an exposed password opportunity in plain text when using LdapSettings.getldapinfo in DP Search. A remote unauthorized unauthenticated attacker could potentially exploit this vulnerability leading to a loss of Confidentiality, Integrity,...

SUSE CVE-2020-5422

BOSH System Metrics Server releases prior to 0.1.0 exposed the UAA password as a flag to a process running on the BOSH director. It exposed the password to any user or process with access to the same VM through ps or looking at process details...

Design/Logic Flaw

Account Takeover :: when see the info i can see the hash pass i can creaked it ............... Account Takeover :: when see the info i can see the forgotpasswordtoken the hacker can send the request and changed the pass...

Authentication flaw

An issue was discovered where a page is exposed that has the current administrator password in cleartext in the source code of the page. No authentication is required in order to reach the page a certain live?.shtml page with the variable syspasswd. Affected Devices: Wavlink WN530HG4, Wavlink...

CVE-2019-10210

Postgresql Windows installer before versions 11.5, 10.10, 9.6.15, 9.5.19, 9.4.24 is vulnerable via superuser writing password to unprotected temporary file...

Sad-Raven GuestBook

Product : Sad-Raven GuestBook Version : 1.1 WebSite : http://www.sad-raven.ru Problem : Admin access rus Description: ------------ Если посмотреть файл admin.php, можно увидеть следующие строки: admin.php ========= ... if fileexists"passwd.dat" && $QUERYSTRING != "": require "passwd.dat";...

Несанкционированный доступ через xitami (privelege escalation)

Пароль администратора хранится в открытом на чтение файле. Сам веб-сервер работает с привилегиями root. Администратор может изменить расположение Cgi-bin получив доступ с правами root...

PT-2001-1770 · Openssh +1 · Openssh +1

Name of the Vulnerable Software and Affected Versions: OpenSSH affected versions not specified Description: The SSH protocols 1 and 2 as implemented in OpenSSH have various weaknesses that can allow a remote attacker to obtain sensitive information via sniffing. This includes password lengths or...