CVE-2025-12772

Brocade SANnav before 2.4.0b logs the Brocade Fabric OS Switch admin password on the SANnav support save logs. When OOM occurs on a Brocade SANnav server, the call stack trace for the Brocade switch is also collected in the heap dump file which contains this switch password in clear text. The...

MiracleLinux 9 : webkit2gtk3-2.42.5-1.el9 (AXSA:2024-8032:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8032:02 advisory. webkitgtk: Processing web content may lead to arbitrary code execution CVE-2023-40414 webkitgtk: Processing web content may lead to arbitrary code...

MiracleLinux 8 : webkit2gtk3-2.42.5-1.el8.ML.1 (AXSA:2024-8331:03)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8331:03 advisory. webkitgtk: Processing web content may lead to arbitrary code execution CVE-2023-40414 webkitgtk: Processing web content may lead to arbitrary code...

webkitgtk: User password may be read aloud by a text-to-speech accessibility feature

A flaw was found in webkitgtk where a user’s password may be read aloud by a text-to-speech accessibility feature...

SUSE CVE-2023-32359

This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.7.2 and iPadOS 16.7.2. A user's password may be read aloud by VoiceOver...

CVE-2022-40939

In certain Secustation products the administrator account password can be read. This affects V2.5.5.3116-S50-SMA-B20171107A, V2.3.4.1301-M20-TSA-B20150617A, V2.5.5.3116-S50-RXA-B20180502A, V2.5.5.3116-S50-SMA-B20190723A, V2.5.5.3116-S50-SMB-B20161012A, V2.3.4.2103-S50-NTD-B20170508B,...

PT-2022-25634 · Unknown · Securestation

Name of the Vulnerable Software and Affected Versions: Secustation versions V2.3.4.1301-M20-TSA-B20150617A through V2.5.5.3116-S50-SMA-B20190723A Secustation version V2.5.5.3116-S50-RXA-B20180502A Secustation version V2.5.5.3116-S50-SMB-B20161012A Secustation version V2.3.4.2103-S50-NTD-B20170508...

PT-2021-24205 · Knime · Knime Server

Name of the Vulnerable Software and Affected Versions: KNIME Server versions 4.12.5 and earlier KNIME Server versions 4.13.x before 4.13.4 Description: The issue allows local users to read the administrator's password from a file due to inadequate file access controls when the software is install...

Exploit for Path Traversal in Mikrotik Routeros

This is a proof of concept PoC exploit for the critical WinBox vulnerability CVE-2018-14847 that allows for arbitrary file read of plain text passwords. The vulnerability has been fixed, but the project is no longer supported or updated. The exploit is written in Python and uses the socket librar...

Exploit for Path Traversal in Mikrotik Routeros

WinboxExploit This is a proof of concept of the critical WinBo...

Exploit for Path Traversal in Mikrotik Routeros

WinboxExploit This is a proof of concept of the critical WinBo...

CVE-2017-14743

Faleemi FSC-880 00.01.01.0048P2 devices allow unauthenticated SQL injection via the Username element in an XML document to /onvif/deviceservice, as demonstrated by reading the admin password...

D-Link DIR-600 Certification Bypass Vulnerability

D-Link DIR-600 Rev Bx is a wireless router product. A security vulnerability exists in the D-Link DIR-600 Rev Bx that allows remote attackers to exploit the vulnerability to submit a special request to read password information...

CVE-2016-10314

Jensen of Scandinavia AS Air:Link 3G AL3G version 2.23m Rev. 3, Air:Link 5000AC AL5000AC version 1.13, and Air:Link 59300 AL59300 version 1.04 Rev. 4 devices allow remote attackers to read passwords via a direct request to the x.asp page...

DEBIAN-CVE-2015-8927

The tradencdecryptupdate function in archivereadsupportformatzip.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service out-of-bounds heap read and crash via a crafted zip file, related to reading the password...