22 matches found
PT-2025-44454
Name of the Vulnerable Software and Affected Versions Each Italy Wireless Mini Router WIRELESS-N 300M version v28K.MiniRouter.20190211 Description The Each Italy Wireless Mini Router WIRELESS-N 300M stores the Administrator password. Recommendations At the moment, there is no information about a...
CVE-2025-36100
IBM MQ LTS 9.1.0.0 through 9.1.0.29, 9.2.0.0 through 9.2.0.36, 9.3.0.0 through 9.3.0.30 and 9.4.0.0 through 9.4.0.12 and IBM MQ CD 9.3.0.0 through 9.3.5.1 and 9.4.0.0 through 9.4.3.0 Java and JMS stores a password in client configuration files when trace is enabled which can be read by a local us...
CVE-2025-36100
IBM MQ LTS 9.1.0.0 through 9.1.0.29, 9.2.0.0 through 9.2.0.36, 9.3.0.0 through 9.3.0.30 and 9.4.0.0 through 9.4.0.12 and IBM MQ CD 9.3.0.0 through 9.3.5.1 and 9.4.0.0 through 9.4.3.0 Java and JMS stores a password in client configuration files when trace is enabled which can be read by a local...
CVE-2025-36100 IBM MQ information disclosure
IBM MQ LTS 9.1.0.0 through 9.1.0.29, 9.2.0.0 through 9.2.0.36, 9.3.0.0 through 9.3.0.30 and 9.4.0.0 through 9.4.0.12 and IBM MQ CD 9.3.0.0 through 9.3.5.1 and 9.4.0.0 through 9.4.3.0 Java and JMS stores a password in client configuration files when trace is enabled which can be read by a local...
CVE-2025-36100
CVE-2025-36100 affects IBM MQ LTS and CD client components where enabling trace stores a password in client configuration files that a local user can read. The IBM bulletin details affected MQ LTS versions (9.1.0.0–9.1.0.29, 9.2.0.0–9.2.0.36, 9.3.0.0–9.3.0.30, 9.4.0.0–9.4.0.12) and MQ CD (9.3.0.0...
CVE-2025-36100 IBM MQ information disclosure
IBM MQ LTS 9.1.0.0 through 9.1.0.29, 9.2.0.0 through 9.2.0.36, 9.3.0.0 through 9.3.0.30 and 9.4.0.0 through 9.4.0.12 and IBM MQ CD 9.3.0.0 through 9.3.5.1 and 9.4.0.0 through 9.4.3.0 Java and JMS stores a password in client configuration files when trace is enabled which can be read by a local...
PT-2025-36405
Name of the Vulnerable Software and Affected Versions: IBM MQ LTS versions 9.1.0.0 through 9.1.0.29 IBM MQ LTS versions 9.2.0.0 through 9.2.0.36 IBM MQ LTS versions 9.3.0.0 through 9.3.0.30 IBM MQ LTS versions 9.4.0.0 through 9.4.0.12 IBM MQ CD versions 9.3.0.0 through 9.3.5.1 IBM MQ CD versions...
CVE-2025-27656
Vasion Print formerly PrinterLogic before Virtual Appliance Host 22.0.862 Application 20.0.2014 allows Password Stored in Process List V-2023-011...
PYSEC-2024-121
OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. OpenC3 COSMOS stores the password of a user unencrypted in the LocalStorage of a web browser. This makes the user password susceptible to exfiltration via Cross-site scripting s...
TOTOLINK CA300-PoE 信任管理问题漏洞
The TOTOLINK CA300-PoE is a wireless access point from China's Gion Electronics TOTOLINK. A security vulnerability exists in the TOTOLINK CA300-PoE version V6.2c.884, which originates from /etc/config/product.ini storing the password for the telnet service...
fwupd 安全漏洞
fwupd is a plugin that supports firmware updates for session software on Linux platforms. fwupd 1.8.5 previously contained an information disclosure vulnerability that stemmed from the fact that when creating an OPERATOR user account on BMC, the redfish plugin saved the automatically generated...
CVE-2022-34805
Jenkins Skype notifier Plugin 1.1.0 and earlier stores a password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system...
CVE-2021-21664
An incorrect permission check in Jenkins XebiaLabs XL Deploy Plugin 10.0.1 and earlier allows attackers with Generic Create permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing Username/password credentials stored i...
Information Disclosure
ceph is vulnerable to information disclosure. The vulnerability exists due to the password stored in mgr logs for gradana and dashboard...
ABB Symphony Plus Operations and ABB Symphony Plus Historian Trust Management Issue Vulnerabilities
ABB Symphony Plus Operations and ABB Symphony Plus Historian are both products of ABB Switzerland.ABB Symphony Plus Operations is a management device used in industrial environments to improve operational efficiency. The device provides an easy-to-use human-machine interface that seamlessly...
Security Bulletin: IBM Security Guardium Big Data Intelligence (SonarG) is affected by a Password Stored in Clear Text vulnerability
Summary IBM Security Guardium Big Data Intelligence SonarG has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2019-4307 DESCRIPTION: IBM Security Guardium Big Data Intelligence SonarG stores user credentials in plain in clear text which can be read by a local user. CVSS...
CVE-2019-17203
TeamPass 2.1.27.36 allows Stored XSS at the Search page by setting a crafted password for an item in any folder...
PT-2019-11813 · Vmware +2 · Vfabric Application Director Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins vFabric Application Director Plugin affected versions not specified Description: The issue concerns the storage of credentials in an unencrypted manner within the global configuration file of the Jenkins master. Specifically, the...
CVE-2018-1999033
An exposure of sensitive information vulnerability exists in Jenkins Anchore Container Image Scanner Plugin 10.16 and earlier in AnchoreBuilder.java that allows attackers with Item/ExtendedRead permission or file system access to the Jenkins master to obtain the password stored in this plugin's...
PT-2018-10651
Name of the Vulnerable Software and Affected Versions The Olive Tree Ftp Server application version 1.32 Description The issue concerns insecure data storage. Specifically, a username and password are stored in the /data/data/com.theolivetree.ftpserver/shared prefs/com.theolivetree.ftpserver...