25 matches found
EUVD-2020-18824
Malware in sbrugna...
EUVD-2024-51942
Malicious code in bioql PyPI...
CVE-2024-53292
Dell VxVerify (versions before x.40.405) contains a Plain-text Password Storage Vulnerability in the shell wrapper. A local high-privilege attacker could disclose user credentials and reuse them to access the vulnerable component with the compromised account’s privileges. Affected product/version...
CVE-2024-28971
Dell Update Manager Plugin, versions 1.4.0 through 1.5.0, contains a Plain-text Password Storage Vulnerability in Log file. A remote high privileged attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the...
CVE-2024-28971
Dell Update Manager Plugin, versions 1.4.0 through 1.5.0, contains a Plain-text Password Storage Vulnerability in Log file. A remote high privileged attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the...
Default credentials
Dell DM5500 5.14.0.0, contain a Plain-text Password Storage Vulnerability in the appliance. A local attacker with privileges could potentially exploit this vulnerability, leading to the disclosure of certain service credentials. The attacker may be able to use the exposed credentials to access th...
CVE-2023-44300
CVE-2023-44300 applies to Dell DM5500 (version 5.14.0.0). The vulnerability is a plain-text password storage issue in the PPOE component, enabling a local privileged attacker to disclose service credentials and access the vulnerable application with the compromised account’s privileges. Supported...
GLSA-202210-09 : Rust: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202210-09 Rust: Multiple Vulnerabilities - In the standard library in Rust before 1.50.0, readtoend does not validate the return value from Read in an unsafe context. This bug could lead to a buffer overflow. CVE-2021-28875 - In t...
CVE-2022-33928
Dell Wyse Management Suite 3.6.1 and below contains an Plain-text Password Storage Vulnerability in UI. An attacker with low privileges could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to...
Default credentials
Dell Wyse Management Suite 3.6.1 and below contains an Plain-text Password Storage Vulnerability in UI. An attacker with low privileges could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to...
CVE-2022-33928
Summary (CVE-2022-33928) Dell Wyse Management Suite (versions 3.6.1 and earlier) contains a plain‑text password storage vulnerability in the UI that could disclose credentials to an attacker with low privileges. Impact is credential exposure and potential access to the vulnerable application with...
CVE-2022-33928
Dell Wyse Management Suite 3.6.1 and below contains an Plain-text Password Storage Vulnerability in UI. An attacker with low privileges could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to...
Dell Wyse Management Suite < 3.8 Multiple Vulnerabilities (DSA-2022-134)
The version of Dell Wyse Management Suite installed on the remote host is prior to 3.8. It is, therefore, affected by multiple vulnerabilities as referenced in the DSA-2022-134 advisory. - Wyse Management Suite 3.7 and earlier contains a Sensitive Data Exposure vulnerability. A low privileged...
Default credentials
PowerStore contains Plain-Text Password Storage Vulnerability in PowerStore X & T environments running versions 2.0.0.x and 2.0.1.x A locally authenticated attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use...
CVE-2021-43590
Dell EMC Enterprise Storage Analytics for vRealize Operations (versions 4.0.1–6.2.1) stores passwords in plaintext, enabling a local high-privileged attacker to disclose certain user credentials and potentially access the vulnerable application with the compromised account’s privileges. The vulne...
CVE-2021-36317
Dell EMC Avamar Server version 19.4 contains a plain-text password storage vulnerability in AvInstaller. A local attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the...
CVE-2021-36317
Dell EMC Avamar Server 19.4 is listed as affected by CVE-2021-36317 due to a plain-text password storage vulnerability in AvInstaller. The vulnerability could allow a local attacker to disclose user credentials and then access the vulnerable application with the compromised account’s privileges. ...
CVE-2021-21590
CVE-2021-21590 affects Dell EMC Unity, Unity XT, and UnityVSA (pre-5.1.0.0.5.394). The issue is a plain-text password storage vulnerability in the product’s local authentication data. A local, high-privilege attacker can use an exposed password to access the system with the compromised user’s pri...
CVE-2021-21590
Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.1.0.0.5.394 contain a plain-text password storage vulnerability. A local malicious user with high privileges may use the exposed password to gain access with the privileges of the compromised user...
CVE-2021-21547
Dell EMC Unity, UnityVSA, and Unity XT versions prior to 5.0.7.0.5.008 contain a plain-text password storage vulnerability when the Dell Upgrade Readiness Utility is run on the system. The credentials of the Unisphere Administrator are stored in plain text. A local malicious user with high...