Lucene search
K

185 matches found

BDU FSTEC
BDU FSTEC
added 2019/04/30 12:0 a.m.6 views

The vulnerability of the software tools for managing network resources, Junos Space Service Now and Junos Space Service Insight, is related to errors in managing registration data. This vulnerability allows an attacker to access account information stored in plain text.

The vulnerability of the Junos Space Service Now and Junos Space Service Insight software for managing network resources is related to errors in managing registration data. Exploiting this vulnerability can allow an attacker to access registered data stored in plaintext format...

8.8CVSS6.8AI score0.00443EPSS
Exploits0References4Affected Software2
CNVD
CNVD
added 2019/04/22 12:0 a.m.2 views

DeepSync Sundray WLAN Controller Trust Management Issue Vulnerability

Sundray WLAN Controller Sundray WAC is a set of wireless LAN controller software from China Sundray Network Technology Sundray. Sundray WAC 3.7.4.2 and earlier versions contain an encryption issue vulnerability, which originates from a network system or product that does not correctly use the...

10CVSS7AI score0.03185EPSS
Exploits0References1
OSV
OSV
added 2019/04/15 12:31 p.m.3 views

CVE-2019-6526

Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior use plaintext transmission of sensitive data, which may allow an attacker to capture sensitive data such as an administrative...

9.8CVSS7.3AI score
Exploits0References1
OSV
OSV
added 2019/04/10 8:29 p.m.4 views

CVE-2019-3612

Information Disclosure vulnerability in McAfee DXL Platform and TIE Server in DXL prior to 5.0.1 HF2 and TIE prior to 2.3.1 HF1 allows Authenticated users to view sensitive information in plain text via the GUI or command line...

4.4CVSS6.7AI score0.0024EPSS
Exploits0References1
Prion
Prion
added 2019/04/02 6:30 p.m.13 views

Code injection

A vulnerability in SonicWall SonicOS and SonicOSv TLS CBC Cipher allow remote attackers to obtain sensitive plaintext data when CBC cipher suites are enabled. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0...

5CVSS7.4AI score0.01192EPSS
Exploits0References1Affected Software2
Tenable Nessus
Tenable Nessus
added 2019/03/06 12:0 a.m.29 views

Credit Card Disclosure in HTML

The remote web application displays plaintext credit card information without the appropriate masking. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid122648; scriptversion"1.4"; scriptsetattributeattribute:"pluginmodificationdate", value:"2023/03/07";...

5.5AI score
Exploits0
CNVD
CNVD
added 2018/07/31 12:0 a.m.1 views

Thompson Reuters UltraTax CS 2017 for Windows Information Disclosure Vulnerability

Thompson Reuters UltraTax CS 2017 for Windows is a Windows-based automated tax management software from Thompson Reuters, USA. The software is primarily used to automate the management of business or personal tax workflows. An information disclosure vulnerability exists in Thompson Reuters UltraT...

7.5CVSS7.1AI score0.00876EPSS
Exploits2References1
CNVD
CNVD
added 2018/07/24 12:0 a.m.4 views

GNOME evolution-data-server IMAPx component information disclosure vulnerability

GNOME evolution-data-server is the GNOME project's set of mail data servers for the Gnome desktop environment on Linux.IMAPx is one of the components used to handle mail and folders. An information disclosure vulnerability exists in the camel/providers/imapx/camel-imapx-server.c file of the IMAPx...

9.8CVSS8.8AI score0.02889EPSS
Exploits1References1
CNVD
CNVD
added 2018/07/19 12:0 a.m.2 views

Mozilla Thunderbird Information Disclosure Vulnerability (CNVD-2018-13662)

Mozilla Thunderbird is the United States Mozilla Foundation developed from the Mozilla Application Suite independent of the e-mail client software, support for IMAP, POP mail protocol and HTML mail format. An information disclosure vulnerability exists in Mozilla Thunderbird versions prior to 52....

6.5CVSS7.3AI score0.02396EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 12:17 p.m.28 views

Security Bulletin: GSKit Sweet32: Birthday attacks in IBM Content Collector for Microsoft SharePoint

Summary OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DES/3DES cipher, used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client, a remote attacker able to conduct a...

7.5CVSS0.3AI score0.95707EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 1:38 p.m.12 views

Security Bulletin: Memory dump from Modeler executables contains cleartext strings (CVE-2015-4991)

Summary IBM SPSS Modeler store plain text data in memory dumps, which could allow a local attacker to obtain information to aid in further attacks against the system. Vulnerability Details CVEID: CVE-2015-4991 DESCRIPTION: IBM SPSS Modeler store plain text data in memory dumps, which could allow ...

4CVSS5.5AI score0.00304EPSS
Exploits0Affected Software1
OSV
OSV
added 2018/06/15 2:29 p.m.5 views

CVE-2018-6672

Information disclosure vulnerability in McAfee ePolicy Orchestrator ePO 5.3.0 through 5.3.3 and 5.9.0 through 5.9.1 allows authenticated users to view sensitive information in plain text format via unspecified vectors...

6.5CVSS5.8AI score0.01201EPSS
Exploits0References3
CNVD
CNVD
added 2017/10/27 12:0 a.m.5 views

IBM BigFix Platform Information Disclosure Vulnerability (CNVD-2017-32856)

IBM BigFix Platform formerly IBM Tivoli Endpoint Manager is a system management software. An information disclosure vulnerability exists in IBM BigFix Platform 9.2 and 9.5. The vulnerability arises because the software communicates sensitive or safety-critical data in plaintext over a channel tha...

5.9CVSS5.8AI score0.00842EPSS
Exploits0References1
CNVD
CNVD
added 2017/10/20 12:0 a.m.5 views

Octopus Information Disclosure Vulnerability

Octopus is an automated tool for development and deployment of .NET from Octopus Deploy Australia. A security vulnerability exists in Octopus versions prior to 3.17.7. An attacker can exploit the vulnerability to obtain sensitive plaintext information...

7.5CVSS7.5AI score0.00806EPSS
Exploits0References1
CNVD
CNVD
added 2017/09/20 12:0 a.m.4 views

Apple iOS MobileBackup Backup Encryption Vulnerability

Apple iOS is an operating system developed by Apple for mobile devices, and MobileBackup is one of the system backup components. A security vulnerability exists in the MobileBackup component in Apple iOS versions prior to 11. The vulnerability can be exploited by a remote attacker to read an...

7.5CVSS8AI score0.01113EPSS
Exploits0References1
OSV
OSV
added 2017/09/20 12:0 a.m.3 views

UBUNTU-CVE-2017-12150

It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text...

7.4CVSS6.9AI score0.13228EPSS
Exploits0References5
CNVD
CNVD
added 2017/08/28 12:0 a.m.3 views

Shenzhen Yuanzheng Technology golo android app has information leakage vulnerability

golo APP is a social networking application that uses instant messaging as a communication platform to connect automotive repair technicians with car owners. Shenzhen Yuanzheng Technology golo Android APP has information leakage vulnerability. The attacker can view the user's sensitive informatio...

6.6AI score
Exploits0
CNVD
CNVD
added 2017/07/11 12:0 a.m.4 views

Apache Impala Information Disclosure Vulnerability

Apache Impala incubating is a large-scale, distributed parallel processing database query system of the United States Apache Apache Software Foundation. The system is able to query the Hadoop big data analytics software stored in HDFS distributed file system and HBase database in the petabytes of...

7.5CVSS6.7AI score0.01217EPSS
Exploits1References1
NVD
NVD
added 2017/07/10 8:29 p.m.16 views

CVE-2017-5652

During a routine security analysis, it was found that one of the ports in Apache Impala incubating 2.7.0 to 2.8.0 sent data in plaintext even when the cluster was configured to use TLS. The port in question was used by the StatestoreSubscriber class which did not use the appropriate secure Thrift...

7.5CVSS7.5AI score0.01217EPSS
Exploits1References2
Prion
Prion
added 2017/07/10 8:29 p.m.20 views

Design/Logic Flaw

During a routine security analysis, it was found that one of the ports in Apache Impala incubating 2.7.0 to 2.8.0 sent data in plaintext even when the cluster was configured to use TLS. The port in question was used by the StatestoreSubscriber class which did not use the appropriate secure Thrift...

5CVSS7.5AI score0.01217EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder