5 matches found
CVE-2025-23215
PMD is an extensible multilanguage static code analyzer. The passphrase for the PMD and PMD Designer release signing keys are included in jar published to Maven Central. The private key itself is not known to have been compromised itself, but given its passphrase is, it must also be considered...
Salesloft OAuth Breach via Drift AI Chat Agent Exposes Salesforce Customer Data
A widespread data theft campaign has allowed hackers to breach sales automation platform Salesloft to steal OAuth and refresh tokens associated with the Drift artificial intelligence AI chat agent. The activity, assessed to be opportunistic in nature, has been attributed to a threat actor tracked...
Cleartext Storage of Sensitive Information
Overview net.sourceforge.pmd:pmd-designer is a graphical tool that helps PMD users develop their custom rules Affected versions of this package are vulnerable to Cleartext Storage of Sensitive Information in the form of the passphrase for gpg.keyname=0xD0BF1D737C9A1C22 appearing in the Maven jar ...
PT-2025-4854 · Pmd · Pmd
Name of the Vulnerable Software and Affected Versions: PMD affected versions not specified Description: PMD is an extensible multilanguage static code analyzer. The passphrase for the PMD and PMD Designer release signing keys are included in a jar published to Maven Central. Although the private...
PT-2023-1501 · Fortinet · Fortiauthenticator +2
Name of the Vulnerable Software and Affected Versions: FortiGate versions 6.0.0 through 6.0.13 FortiGate versions 6.2.0 through 6.2.9 FortiGate versions 6.4.0 through 6.4.1 FortiAuthenticator version 5.5.0 FortiAuthenticator versions 6.0 FortiAuthenticator versions 6.1 Description: A clear text...