43 matches found
EUVD-2019-15208
Malware in sbrugna...
EUVD-2016-9714
Malware in sbrugna...
EUVD-2015-1007
Malware in sbrugna...
EUVD-2023-50924
Malicious code in bioql PyPI...
CVE-2025-21003
Insecure storage of sensitive information in Emergency SOS prior to SMR Jul-2025 Release 1 allows local attackers to access sensitive information...
CVE-2023-31001
IBM Security Access Manager Container IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.6.1 temporarily stores sensitive information in files that could be accessed by a local user. IBM X-Force ID: 254653...
CVE-2020-9202
There is an information disclosure vulnerability in TE Mobile software versions V600R006C10,V600R006C10SPC100. Due to the improper storage of some information in certain specific scenario, the attacker can gain information in the victim's device to launch the attack, successful exploit could caus...
CVE-2020-22453
Untis WebUntis before 2020.9.6 allows XSS in multiple functions that store information...
CVE-2019-13100
The Send Anywhere application 9.4.18 for Android stores confidential information insecurely on the system i.e., in cleartext, which allows a non-root user to find out the username/password of a valid user via /data/data/com.estmob.android.sendanywhere/sharedprefs/sendanywheredevice.xml...
CVE-2025-2489
CVE-2025-2489 affects NTFS Tools 3.5.1 and involves insecure storage of sensitive information. The vulnerability stems from storing the application password in /Users/user/Library/Application Support/ntfs-tool/config.json, enabling an attacker with local access to read the password. Documented im...
CVE-2025-0714 Insecure storage of sensitive information in MobaXTerm <25.0.
The vulnerability exists in the password storage of Mobateks MobaXterm in versions below 25.0. MobaXTerm uses an initialisation vector IV consisting only of zero bytes and a master key to encrypt each password individually. In the default configuration, on opening MobaXTerm, the user is prompted...
CVE-2025-0142 Zoom Jenkins Marketplace plugin - Cleartext Storage of Sensitive Information
Cleartext storage of sensitive information in the Zoom Jenkins Marketplace plugin before version 1.4 may allow an authenticated user to conduct a disclosure of information via network access...
Jenkins plugins Multiple Vulnerabilities (2025-01-22)
According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - Jenkins OpenId Connect Authentication Plugin 4.452.v2849bd3945fa and earlier, except 4.438.440.v3f5f201de5dc, treats usernames as...
C-MOR Video Surveillance 5.2401 / 6.00PL01 Information Disclosure / Cleartext Secret
Advisory ID: SYSS-2024-028 Product: C-MOR Video Surveillance Manufacturer: za-internet GmbH Affected Versions: 5.2401, 6.00PL01 Tested Versions: 5.2401, 6.00PL01 Vulnerability Type: Cleartext Storage of Sensitive Information CWE-312 Risk Level: Medium Solution Status: Open Manufacturer...
Unspecified vulnerability in Linux kernel (CNVD-2024-35102)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the fact that when storing information in the scsi:mpi3mr module, the value of mrsasport-phymask may be larg...
CVE-2024-4235
A vulnerability classified as problematic was found in Netgear DG834Gv5 1.6.01.34. This vulnerability affects unknown code of the component Web Management Interface. The manipulation leads to cleartext storage of sensitive information. The attack can be initiated remotely. The exploit has been...
Red Hat OpenShift 安全漏洞
Red Hat OpenShift is a Platform-as-a-Service PaaS cloud computing platform from Red Hat, Inc. that supports building, testing, deploying, and running applications. A security vulnerability exists in Red Hat OpenShift that stems from the use of plain strings to store some sensitive information...
CVE-2024-1410 Unbounded storage of information related to connection ID retirement, in quiche
Cloudflare quiche was discovered to be vulnerable to unbounded storage of information related to connection ID retirement, which could lead to excessive resource consumption. Each QUIC connection possesses a set of connection Identifiers IDs; see RFC 9000 Section 5.1...
CVE-2023-46757
The remote PIN module has a vulnerability that causes incorrect information storage locations.Successful exploitation of this vulnerability may affect confidentiality...
Security feature bypass
The remote PIN module has a vulnerability that causes incorrect information storage locations.Successful exploitation of this vulnerability may affect confidentiality...