10 matches found
CVE-2026-56783
Parseable before 2.9.2 contains an information disclosure vulnerability in the notification-target API endpoints that returns webhook tokens and basic-auth credentials in cleartext due to commented-out secret-masking functionality. Any authenticated user with the GetAlert action, including...
CVE-2026-56783
Parseable before 2.9.2 contains an information disclosure vulnerability in the notification-target API endpoints that returns webhook tokens and basic-auth credentials in cleartext due to commented-out secret-masking functionality. Any authenticated user with the GetAlert action, including...
EUVD-2026-40159
Parseable before 2.9.2 contains an information disclosure vulnerability in the notification-target API endpoints that returns webhook tokens and basic-auth credentials in cleartext due to commented-out secret-masking functionality. Any authenticated user with the GetAlert action, including...
CVE-2026-3314 Missing Password Masking in Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center Analyzer and Hitachi Ops Center Analyzer viewpoint
Missing password field masking vulnerability in Hitachi Ops Center Analyzer Hitachi Ops Center Analyzer detail view, Hitachi Ops Center Analyzer probe modules, Hitachi Ops Center Analyzer viewpoint, Hitachi Infrastructure Analytics Advisor Data Center Analytics, Analytics probe modules. This issu...
GHSA-7C2G-P23P-4JG3 Vikjuna: Webhook BasicAuth Credentials Exposed to Read-Only Project Collaborators via API
Summary The GET /api/v1/projects/:project/webhooks endpoint returns webhook BasicAuth credentials basicauthuser and basicauthpassword in plaintext to any user with read access to the project. While the existing code correctly masks the HMAC secret field, the BasicAuth fields added in a later...
CVE-2023-49106
Missing Password Field Masking vulnerability in Hitachi Device Manager on Windows, Linux Device Manager Agent component.This issue affects Hitachi Device Manager: before 8.8.5-04...
PT-2023-22760 · Hashicorp +1 · Hashicorp Consul +2
Name of the Vulnerable Software and Affected Versions: Jenkins Consul KV Builder Plugin versions 2.0.13 and earlier Description: The issue concerns the storage and display of the HashiCorp Consul ACL Token in the Jenkins Consul KV Builder Plugin. Specifically, the token is stored unencrypted in t...
Jenkins Gitea Plugin 安全漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...
CVE-2021-44862
Netskope client is impacted by a vulnerability where an authenticated, local attacker can view sensitive information stored in NSClient logs which should be restricted. The vulnerability exists because the sensitive information is not masked/scrubbed before writing in the logs. A malicious user c...
PT-2022-13869 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 1.0.2 through 14.8.6 GitLab CE/EE versions 14.9.0 through 14.9.4 GitLab CE/EE versions 14.10.0 through 14.10.1 Description: The issue is related to missing input masking in GitLab CE/EE, which causes potentially sensitiv...