14 matches found
Security Bulletin: IBM Guardium Data Protection is affected by Exposure of Sensitive Information vulnerability (CVE-2026-8405)
Summary: IBM Guardium Data Protection has addressed this vulnerability in an update. Vulnerability Details: CVEID: CVE-2026-8405. DESCRIPTION: IBM Guardium Data Protection's add-on feature of Guardium Data Protection named "Long Term Retention" (LTR) can expose sensitive credentials in debug mode...
CVE-2025-13683
Exposure of credentials in unintended requests in Devolutions Server, Remote Desktop Manager on Windows. This issue affects Devolutions Server: through 2025.3.8.0; Remote Desktop Manager: through 2025.3.23.0...
CVE-2025-13758
Exposure of credentials in unintended requests in Devolutions Server. This issue affects Server: through 2025.2.20, through 2025.3.8...
EUVD-2020-28347
Malware in sbrugna...
EUVD-2024-42688
Malicious code in bioql PyPI...
CVE-2025-8448
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause unauthorized access to sensitive credential data when an attacker is able to capture local SMB traffic between a valid user within the BMS network and the vulnerable products...
GHSA-6729-95V3-PJC2 HL7 FHIR IG Publisher potentially exposes GitHub repo user and credential information
Impact: In CI contexts, the IG Publisher CLI uses git commands to determine the URL of the originating repo. If the repo was cloned, or otherwise set to use a repo that uses a username and credential based URL, the entire URL will be included in the built Implementation Guide, exposing username an...
PT-2024-8135 · Unknown · Harmony Industrial PC Series
Name of the Vulnerable Software and Affected Versions: Harmony Industrial PC series (affected versions not specified). Description: The issue is related to the exposure of sensitive information to an unauthorized actor, which could cause exposure of credentials when an attacker has access to the...
CVE-2023-32268 Administrator equivalent Filr user can access proxy administrator credentials
Exposure of Proxy Administrator Credentials: An authenticated administrator equivalent Filr user can access the credentials of proxy administrators...
CVE-2022-3172
A security issue was discovered in kube-apiserver that allows an aggregated API server to redirect client traffic to any URL. This could lead to the client performing unexpected actions as well as forwarding the client's API server credentials to third parties...
CVE-2018-25091
urllib3 before 1.24.2 does not remove the authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the authorization header to be exposed to unintended hosts or transmitted in cleartext. NOTE: this...
CVE-2021-36782 Rancher: Plaintext storage and exposure of credentials in Rancher API and cluster.management.cattle.io object
A Cleartext Storage of Sensitive Information vulnerability in SUSE Rancher allows authenticated Cluster Owners, Cluster Members, Project Owners, Project Members and User Base to use the Kubernetes API to retrieve plaintext version of sensitive data. This issue affects: SUSE Rancher Rancher versio...
PT-2021-9429 · Unknown · WiZ Colors A60
Name of the Vulnerable Software and Affected Versions: WiZ Colors A60 version 1.14.0. Description: An issue was discovered where API credentials are locally logged, potentially exposing sensitive information. Recommendations: For WiZ Colors A60 version 1.14.0, consider restricting access to the...
Security Bulletin: IBM Tealeaf Customer Experience allows user authentication via unencrypted GET request (CVE-2015-4990)
Summary: The IBM Tealeaf Customer Experience portal allows a user to authenticate via means that could result in exposure of credentials. Vulnerability Details: CVEID: CVE-2015-4990. DESCRIPTION: The IBM Tealeaf Customer Experience could allow a local privileged user to obtain the authentication...