14 matches found

IBM Security Bulletins
added 2026/06/02 8:50 a.m. | 8 views

Security Bulletin: IBM Security QRadar EDR Software has a vulnerability where user credentials may be stored in plain text, potentially exposing sensitive information.

Summary: IBM Security QRadar EDR Software is affected by a vulnerability where user credentials are stored in plain text, which could allow a local privileged user to access sensitive credential information. This vulnerability has been addressed in version 3.12.25. Vulnerability Details...

CVSS 4.4 | AI score 5.7 | EPSS 0.00125
Exploits 0 | Affected Software 1

Positive Technologies
added 2026/06/02 12:0 a.m. | 9 views

PT-2026-45846

Name of the Vulnerable Software and Affected Versions: ARMember Premium versions prior to 7.3.1. Description: The ARMember Premium plugin for WordPress contains an insecure password reset mechanism. Recommendations: Update to version 7.3.1...

CVSS 9.8 | AI score 5.8 | EPSS 0.00282
Exploits 3 | References 8

NVD
added 2025/07/02 8:15 p.m. | 7 views

CVE-2025-34078

A local privilege escalation vulnerability exists in NSClient++ 0.5.2.35 when both the web interface and ExternalScripts features are enabled. The configuration file nsclient.ini stores the administrative password in plaintext and is readable by local users. By extracting this password, an attack...

CVSS 7.8 | EPSS 0.00501
Exploits 2 | References 4

IBM Security Bulletins
added 2025/03/26 2:27 a.m. | 234 views

Security Bulletin: IBM Cognos Analytics has addressed multiple vulnerabilities (CVE-2022-34339, CVE-2021-3712, CVE-2021-3711, CVE-2021-4160, CVE-2021-29425, CVE-2021-3733, CVE-2021-3737, CVE-2022-0391, CVE-2021-43138, CVE-2022-24758)

Summary: Security vulnerabilities have been addressed in IBM Cognos Analytics 11.1.7 FP6. These vulnerabilities have also been previously addressed in IBM Cognos Analytics 11.2.3. A vulnerability where user credentials are stored in plain cleartext in a log and could be read by an authenticated us...

CVSS 9.8 | AI score 9.7 | EPSS 0.87816
Exploits 6 | Affected Software 2

CNVD
added 2025/02/18 12:0 a.m. | 10 views

mySCADA myPRO Information Disclosure Vulnerability

mySCADA myPRO is a professional HMI/SCADA system from mySCADA designed for the visualization and control of industrial processes. An information disclosure vulnerability exists in mySCADA myPRO that originates from storing credentials in plaintext. An attacker could exploit this vulnerability to...

CVSS 9.2 | AI score 6.2 | EPSS 0.03353
Exploits 1 | References 1

CVE
added 2024/05/24 3:3 p.m. | 86 views

CVE-2024-33470

The CVE-2024-33470 entry affects AVTECH Room Alert 4E v4.4.0, with a root cause in the SMTP Email Settings that can expose credentials in plaintext via a passback attack. The issue is documented across multiple sources (including PT-2024-25275) and is tied to products that are no longer supported...

CVSS 4.9 | AI score 7 | EPSS 0.0024
Exploits 0 | References 1

Cvelist
added 2024/05/24 3:3 p.m. | 17 views

CVE-2024-33470

An issue in the SMTP Email Settings of AVTECH Room Alert 4E v4.4.0 allows attackers to gain access to credentials in plaintext via a passback attack. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

AI score 6.7 | EPSS 0.0024
Exploits 0 | References 1

OSV
added 2022/05/14 3:48 a.m. | 14 views

GHSA-W9VV-FVW8-J6Q3 codders-dataset Process Table Local Plaintext Credential Disclosure

lib/dataset/database/mysql.rb and lib/dataset/database/postgresql.rb in the codders-dataset gem 1.3.2.1 for Ruby both place credentials on the mysqldump command line, which allows local users to obtain sensitive information by listing the process...

CVSS 7.8 | AI score 7.4 | EPSS 0.00546
Exploits 1 | References 9

RedHat Linux
added 2021/10/12 8:4 p.m. | 33 views

Important: Red Hat Security Advisory: .NET 5.0 security and bugfix update

An update for .NET 5.0 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

CVSS 5.7 | AI score 6.8 | EPSS 0.20342
Exploits 0 | References 2

CNVD
added 2018/02/05 12:0 a.m. | 2 views

RubyGems echor Plaintext Credential Local Information Disclosure Vulnerability

RubyGems echor is a Ruby-based Echo application developed by software developer Pedro Del Gallego. RubyGems echor has a local plaintext credential information disclosure vulnerability. A local attacker can exploit this vulnerability to obtain sensitive information such as credentials...

CVSS 7.8 | AI score 6 | EPSS 0.0035
Exploits 0 | References 1

exploitpack
added 2016/09/06 12:0 a.m. | 35 views

WIN-911 7.17.00 - Multiple Vulnerabilities

WIN-911 7.17.00 - Multiple Vulnerabilities Title: WIN-911 - Insecure File Permissions EoP CWE Class: CWE-276: Incorrect Default Permissions Date: 05/09/2016 Vendor: Win911 Product: WIN-911 Type: Alarm Notification Software Version: V7.17.00 Download URL: through Rockwell Automation downloads:...

AI score 0.1
Exploits 0

RubySec
added 2014/06/30 12:0 a.m. | 15 views

cap-strap Gem for Ruby Process Table Local Plaintext Credential Disclosure

cap-strap Gem for Ruby contains a flaw that is due to the application exposing credential information in plaintext in the process table listing. This may allow a local attacker to gain access to credential information...

CVSS 7.8 | AI score 6.6 | EPSS 0.00522
Exploits 1 | References 1

RubySec
added 2014/06/30 12:0 a.m. | 20 views

point-cli Gem for Ruby /lib/commands/setup.rb Process Table Local Plaintext Credential Disclosure

point-cli Gem for Ruby contains a flaw in /lib/commands/setup.rb that is due to the application exposing credential information in plaintext in the process table. This may allow a local attacker to gain access to credential information...

CVSS 7.8 | AI score 6.6 | EPSS 0.00546
Exploits 1 | References 1

RubySec
added 2014/01/14 12:0 a.m. | 11 views

echor Gem for Ruby Process Listing Local Plaintext Credential Disclosure

echor Gem for Ruby contains a flaw that is due to the program exposing credential information in the system process listing. This may allow a local attacker to gain access to plaintext credential information...

CVSS 7.8 | AI score 6.9 | EPSS 0.0035
Exploits 0 | References 1