185 matches found
The vulnerability of the software tools for managing network resources, Junos Space Service Now and Junos Space Service Insight, is related to errors in managing registration data. This vulnerability allows an attacker to access account information stored in plain text.
The vulnerability of the Junos Space Service Now and Junos Space Service Insight software for managing network resources is related to errors in managing registration data. Exploiting this vulnerability can allow an attacker to access registered data stored in plaintext format...
DeepSync Sundray WLAN Controller Trust Management Issue Vulnerability
Sundray WLAN Controller Sundray WAC is a set of wireless LAN controller software from China Sundray Network Technology Sundray. Sundray WAC 3.7.4.2 and earlier versions contain an encryption issue vulnerability, which originates from a network system or product that does not correctly use the...
CVE-2019-6526
Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version 3.8 and prior, and EDS-510A series Version 3.8 and prior use plaintext transmission of sensitive data, which may allow an attacker to capture sensitive data such as an administrative...
CVE-2019-3612
Information Disclosure vulnerability in McAfee DXL Platform and TIE Server in DXL prior to 5.0.1 HF2 and TIE prior to 2.3.1 HF1 allows Authenticated users to view sensitive information in plain text via the GUI or command line...
Code injection
A vulnerability in SonicWall SonicOS and SonicOSv TLS CBC Cipher allow remote attackers to obtain sensitive plaintext data when CBC cipher suites are enabled. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0...
Credit Card Disclosure in HTML
The remote web application displays plaintext credit card information without the appropriate masking. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid122648; scriptversion"1.4"; scriptsetattributeattribute:"pluginmodificationdate", value:"2023/03/07";...
Thompson Reuters UltraTax CS 2017 for Windows Information Disclosure Vulnerability
Thompson Reuters UltraTax CS 2017 for Windows is a Windows-based automated tax management software from Thompson Reuters, USA. The software is primarily used to automate the management of business or personal tax workflows. An information disclosure vulnerability exists in Thompson Reuters UltraT...
GNOME evolution-data-server IMAPx component information disclosure vulnerability
GNOME evolution-data-server is the GNOME project's set of mail data servers for the Gnome desktop environment on Linux.IMAPx is one of the components used to handle mail and folders. An information disclosure vulnerability exists in the camel/providers/imapx/camel-imapx-server.c file of the IMAPx...
Mozilla Thunderbird Information Disclosure Vulnerability (CNVD-2018-13662)
Mozilla Thunderbird is the United States Mozilla Foundation developed from the Mozilla Application Suite independent of the e-mail client software, support for IMAP, POP mail protocol and HTML mail format. An information disclosure vulnerability exists in Mozilla Thunderbird versions prior to 52....
Security Bulletin: GSKit Sweet32: Birthday attacks in IBM Content Collector for Microsoft SharePoint
Summary OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DES/3DES cipher, used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client, a remote attacker able to conduct a...
Security Bulletin: Memory dump from Modeler executables contains cleartext strings (CVE-2015-4991)
Summary IBM SPSS Modeler store plain text data in memory dumps, which could allow a local attacker to obtain information to aid in further attacks against the system. Vulnerability Details CVEID: CVE-2015-4991 DESCRIPTION: IBM SPSS Modeler store plain text data in memory dumps, which could allow ...
CVE-2018-6672
Information disclosure vulnerability in McAfee ePolicy Orchestrator ePO 5.3.0 through 5.3.3 and 5.9.0 through 5.9.1 allows authenticated users to view sensitive information in plain text format via unspecified vectors...
IBM BigFix Platform Information Disclosure Vulnerability (CNVD-2017-32856)
IBM BigFix Platform formerly IBM Tivoli Endpoint Manager is a system management software. An information disclosure vulnerability exists in IBM BigFix Platform 9.2 and 9.5. The vulnerability arises because the software communicates sensitive or safety-critical data in plaintext over a channel tha...
Octopus Information Disclosure Vulnerability
Octopus is an automated tool for development and deployment of .NET from Octopus Deploy Australia. A security vulnerability exists in Octopus versions prior to 3.17.7. An attacker can exploit the vulnerability to obtain sensitive plaintext information...
Apple iOS MobileBackup Backup Encryption Vulnerability
Apple iOS is an operating system developed by Apple for mobile devices, and MobileBackup is one of the system backup components. A security vulnerability exists in the MobileBackup component in Apple iOS versions prior to 11. The vulnerability can be exploited by a remote attacker to read an...
UBUNTU-CVE-2017-12150
It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text...
Shenzhen Yuanzheng Technology golo android app has information leakage vulnerability
golo APP is a social networking application that uses instant messaging as a communication platform to connect automotive repair technicians with car owners. Shenzhen Yuanzheng Technology golo Android APP has information leakage vulnerability. The attacker can view the user's sensitive informatio...
Apache Impala Information Disclosure Vulnerability
Apache Impala incubating is a large-scale, distributed parallel processing database query system of the United States Apache Apache Software Foundation. The system is able to query the Hadoop big data analytics software stored in HDFS distributed file system and HBase database in the petabytes of...
CVE-2017-5652
During a routine security analysis, it was found that one of the ports in Apache Impala incubating 2.7.0 to 2.8.0 sent data in plaintext even when the cluster was configured to use TLS. The port in question was used by the StatestoreSubscriber class which did not use the appropriate secure Thrift...
Design/Logic Flaw
During a routine security analysis, it was found that one of the ports in Apache Impala incubating 2.7.0 to 2.8.0 sent data in plaintext even when the cluster was configured to use TLS. The port in question was used by the StatestoreSubscriber class which did not use the appropriate secure Thrift...