Lucene search
K

16 matches found

Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.5 views

PT-2026-32969

Name of the Vulnerable Software and Affected Versions SpiceDB versions 1.49.0 through 1.51.0 Description When the system starts with the log level set to info, the startup 'configuration' log exposes the full datastore DSN, including the plaintext password, within the DatastoreConfig.URI variable...

6CVSS5.9AI score0.00166EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2025-19753

Malicious code in bioql PyPI...

7.8CVSS6.5AI score0.00501EPSS
Exploits2References5
CVE
CVE
added 2025/08/12 11:17 a.m.21 views

CVE-2025-40752

CVE-2025-40752 affects Siemens POWER METER SICAM Q100/Q200 (Q100 variants 2.60–2.61/2.60–2.61 for certain SKUs) and SICAM Q200 (2.70–2.79) where SMTP password is stored in cleartext. This allows an authenticated local attacker to read the SMTP credentials from the device configuration and abuse t...

6.8CVSS7AI score0.00086EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/02 7:27 p.m.17 views

CVE-2025-34078 NSClient++ 0.5.2.35 Local Privilege Escalation via ExternalScripts and Web Interface

A local privilege escalation vulnerability exists in NSClient++ 0.5.2.35 when both the web interface and ExternalScripts features are enabled. The configuration file nsclient.ini stores the administrative password in plaintext and is readable by local users. By extracting this password, an attack...

7.3CVSS0.00501EPSS
Exploits2References4
RedhatCVE
RedhatCVE
added 2025/05/21 8:27 p.m.6 views

CVE-2002-1939

FlashFXP 1.4 prints FTP passwords in plaintext when there are transfers in the queue, which allows attackers to obtain FTP passwords of other users by editing the queue properties...

2.1CVSS6.8AI score0.00349EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/22 1:1 p.m.11 views

CVE-2024-9418

In version 0.0.14 of transformeroptimus/superagi, the API endpoint /api/users/get/id returns the user's password in plaintext. This vulnerability allows an attacker to retrieve the password of another user, leading to potential account takeover...

6.5CVSS7AI score0.00561EPSS
Exploits1References1
OSV
OSV
added 2024/07/30 2:15 p.m.4 views

DEBIAN-CVE-2024-23091

Weak password hashing using MD5 in funzioni.php in HotelDruid before 1.32 allows an attacker to obtain plaintext passwords from hash values...

7.5CVSS5.2AI score0.00399EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/01/30 10:6 p.m.8 views

CVE-2023-22389

Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior store passwords in a plaintext file when the device configuration is exported via Save/Restore–Backup Settings, which could be read by any user accessing the file...

5.7CVSS6.7AI score0.00477EPSS
Exploits0References1
OSV
OSV
added 2023/01/27 3:15 p.m.6 views

CVE-2022-48071

Phicomm K2 v22.6.534.263 was discovered to store the root and admin passwords in plaintext...

7.5CVSS5.8AI score0.00441EPSS
Exploits1References1
OSV
OSV
added 2021/11/09 12:0 a.m.4 views

UBUNTU-CVE-2016-2124

A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required...

5.9CVSS6.7AI score0.01752EPSS
Exploits0References6
Cvelist
Cvelist
added 2014/05/19 2:0 p.m.41 views

CVE-2013-7033

LiveZilla before 5.1.2.1 includes the operator password in plaintext in Javascript code that is generated by lz/mobile/chat.php, which might allow remote attackers to obtain sensitive information and gain privileges by accessing the loginName and loginPassword variables using an independent...

5.9AI score0.01159EPSS
Exploits2References2
RedHat Linux
RedHat Linux
added 2013/02/20 9:33 p.m.60 views

Important: Red Hat Security Advisory: JBoss Enterprise SOA Platform 5.3.1 update

JBoss Enterprise SOA Platform 5.3.1, which fixes multiple security issues, various bugs, and adds enhancements, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS...

7.5CVSS7.3AI score0.15561EPSS
Exploits4References13
Tenable Nessus
Tenable Nessus
added 2013/01/24 12:0 a.m.26 views

RHEL 5 / 6 : Red Hat Network Proxy spacewalk-backend (RHSA-2012:0102)

The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2012:0102 advisory. Red Hat Network RHN Proxy provides a mechanism for caching content, such as package updates from Red Hat or custom content created for an...

4.9CVSS5.6AI score0.01642EPSS
Exploits0References5
myhack58
myhack58
added 2012/01/01 12:0 a.m.21 views

Akiva WebBoard 8. x SQL injection flaws and fixes-vulnerability warning-the black bar safety net

Title: Akiva Webboard 8. x SQL Injection + Plaintext Passwords in Profiles. Author: Alexander Fuchs www.2cto.com Download address: http://www.akiva.com/default.asp?l=1&id=8 Affected versions: 8. x Test platform: Windows, Linux. It is possible to login as administrator with admin'-- as the usernam...

0.5AI score
Exploits0
Cvelist
Cvelist
added 2001/01/22 5:0 a.m.19 views

CVE-2000-0957

The pluggable authentication module for mysql pammysql before 0.4.7 does not properly cleanse user input when constructing SQL statements, which allows attackers to obtain plaintext passwords or hashes...

7.2AI score0.01209EPSS
Exploits0References2
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.50 views

rconsole.passwd.netware.txt

Date: Tue, 6 Oct 1998 02:36:11 -0500 From: Simple Nomad To: [email protected] Subject: NMRC Advisory - "Decryption" of the RCONSOLE Password Jeez I swear we'd be this productive all the time of fully funded. Anyway this makes up for the last one's lameness. -SN Nomad Mobile Research Centre A D...

7.4AI score
Exploits0
Rows per page
Query Builder