30 matches found
CVE-2025-15554 Admin Passwords Cached by Browsers in Truesec LAPSWebUI
Browser caching of LAPS passwords in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin passwords...
CVE-1999-0755
Windows NT RRAS and RAS clients cache a user's password even if the user has not selected the "Save password" option...
EUVD-1999-1085
Malware in sbrugna...
EUVD-2006-3736
Malware in sbrugna...
Moodle 安全漏洞
Moodle is a free e-learning software platform open-sourced by Moodle, also known as a course management system, learning management system or virtual learning environment. A security vulnerability exists in Moodle that stems from a lack of additional caching controls on the login page that preven...
PT-2025-27373 · Undefined · Undefined
🚨 Fedora 41 just dropped a critical Moodle security update! ✅ Fixes SSRF, IDOR, and password caching flaws CVE-2025-49513 to CVE-2025-49518. Read more: 👉 https://t.co/Nl2zuUwoVS LinuxSecurity EdTech https://t.co/CACOiVyRhw...
CVE-2005-0921
Microsoft Outlook 2002 Connector for IBM Lotus Domino 2.0 allows local users to save passwords and login credentials locally, even when password caching is disabled by a group policy...
CVE-2005-4412
Citrix Program Neighborhood client before 9.150 caches the user password in plaintext in the GUI while asterisks are used to visually obfuscate the password, which allows attackers with access to the session to obtain the password by using a tool to directly access the field...
FAQ: Citrix Secure Web and Proxy Support
This article answers the frequently asked questions on Secure Web and Web proxy support. For more information about Secure Web and proxy support, refer to Citrix Documentation - Citrix Secure Web. The support for PAC file inMDX application is removed as of September 2021. This means Citrix has...
CVE-2018-20889
cPanel before 74.0.0 allows certain file-read operations via password file caching SEC-425...
FAQ: XenMobile Client Properties
Question: What does XenMobile Client properties do? Options to enable/disable client properties Answer : Client properties contain information that is provided directly to Secure Hub on user devices. Client properties are located in the XenMobile console inSettings Client Client Properties. Clien...
AD Account Lockouts Due to Citrix PIN Password Caching
After a password change at ActiveDirectory, users are seeing account lockouts. XenMobile was causing these lockouts as the password cached with Citrix PIN was not updated...
Kerberos Security Feature Bypass
Exploit Title: Kerberos Security Feature Bypass Vulnerability Kerberos to NTLM Fallback Date: 22-09-2016 Exploit Author: Nabeel Ahmed Tested on: Windows 7 Professional x32/x64 and Windows 10 x64 CVE : CVE-2016-3237 Category: Local Exploits & Privilege Escalation SPECIAL CONFIG: Standard Domain...
Kerberos in Microsoft Windows - Security Feature Bypass (MS16-101)
Exploit for windows platform in category local exploits Exploit Title: Kerberos Security Feature Bypass Vulnerability Kerberos to NTLM Fallback Date: 22-09-2016 Exploit Author: Nabeel Ahmed Tested on: Windows 7 Professional x32/x64 and Windows 10 x64 CVE : CVE-2016-3237 Category: Local Exploits &...
FAQ: Time-Out with Password Caching on XenMobile
Question : What is the expectations of time-outs with the combinations of Enable Password Caching on XenMobile Server? Answer : Enable Password Cache : false Secure PIN authentication on XenMobile Apps after INACTIVITYTIMER expires. Active Directory password authentication on Secure Hub when...
Windows Kerberos Security Feature Bypass
Exploit Title: Windows Kerberos Security Feature Bypass Date: 12-02-2016 Exploit Author: Nabeel Ahmed Tested on: Windows 7 Professional x32/x64 CVE : CVE-2016-0049 Category: Local Exploit 1 Prerequisites: - Standard Windows 7 Fully patched and member of an existing domain. - BitLocker enabled...
Microsoft Windows - Kerberos Security Feature Bypass (MS16-014)
Microsoft Windows - Kerberos Security Feature Bypass MS16-014 Exploit Title: Windows Kerberos Security Feature Bypass Date: 12-02-2016 Exploit Author: Nabeel Ahmed Tested on: Windows 7 Professional x32/x64 CVE : CVE-2016-0049 Category: Local Exploit 1 Prerequisites: - Standard Windows 7 Fully...
Microsoft Windows - Kerberos Security Feature Bypass (MS16-014)
Exploit for windows platform in category local exploits Exploit Title: Windows Kerberos Security Feature Bypass Date: 12-02-2016 Exploit Author: Nabeel Ahmed Tested on: Windows 7 Professional x32/x64 CVE : CVE-2016-0049 Category: Local Exploit 1 Prerequisites: - Standard Windows 7 Fully patched a...
Windows 7/8 admin account installation password stored in the clear in LSA Secrets
---------------------------------- Bug title: Windows 7/8 admin account installation password stored in the clear in LSA Secrets Affected systems: Windows 7, 8 related issue on XP Author: Xavier CC ---------------------------------- Background: ---------------------------------- "Windows LSA...
SplashID 5.5 / SplashID Lite 4.6 For iPhone Password Caching Issue
I submitted this vulnerability report about the password database SplashID to cert.org in early November 2010. CERT bounced it back saying they were too busy. No big deal, so I sent it to the product's vendor, SplashData, on 11/5/2010. I worked with SplashData for a few weeks to help them...