CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/03/20 9:18 a.m.•2 views

BIT-RABBITMQ-C-2023-35789

An issue was discovered in the C AMQP client library aka rabbitmq-c through 0.13.0 for RabbitMQ. Credentials can only be entered on the command line e.g., for amqp-publish or amqp-consume and are thus visible to local attackers by listing a process and its arguments...

5.5CVSS6.1AI score0.00024EPSS

Exploits0References4

RedhatCVE•added 2025/11/12 7:47 a.m.•2 views

CVE-2025-6571

A 3rd-party component exposed its password in process arguments, allowing for low-privileged users to access it...

6CVSS6.9AI score0.00012EPSS

EUVD•added 2025/11/11 9:30 a.m.•2 views

EUVD-2025-74041

A 3rd-party component exposed its password in process arguments, allowing for low-privileged users to access it...

6CVSS6.4AI score0.00012EPSS

NVD•added 2025/11/11 7:15 a.m.•2 views

CVE-2025-6571

A 3rd-party component exposed its password in process arguments, allowing for low-privileged users to access it...

6CVSS0.00012EPSS

CVE•added 2025/11/11 7:3 a.m.•5 views

CVE-2025-6571

CVE-2025-6571 affects AXIS OS (Axis edge device OS). A third-party component exposes its password in process arguments, allowing low-privilege users to access it. The available documents describe the root cause (password exposure in parameters) and the impact (local access by low-privilege users)...

6CVSS6.5AI score0.00012EPSS

Vulnrichment•added 2025/11/11 7:3 a.m.•2 views

CVE-2025-6571

A 3rd-party component exposed its password in process arguments, allowing for low-privileged users to access it...

6CVSS6.3AI score0.00012EPSS

Cvelist•added 2025/11/11 7:3 a.m.•3 views

CVE-2025-6571

A 3rd-party component exposed its password in process arguments, allowing for low-privileged users to access it...

6CVSS0.00012EPSS

Positive Technologies•added 2025/11/11 12:0 a.m.•2 views

PT-2025-46308

Name of the Vulnerable Software and Affected Versions The product name cannot be determined. affected versions not specified Description A third-party component exposed its password in process arguments, potentially allowing low-privileged users to access it. Recommendations At the moment, there ...

6CVSS6.5AI score0.00012EPSS

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2013-5019

Malware in sbrugna...

7.5CVSS6.1AI score0.0035EPSS

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2010-0151

Malware in sbrugna...

2.1CVSS6.1AI score0.00063EPSS

Exploits0References10

Snyk•added 2025/08/28 1:33 p.m.•2 views

Missing Password Field Masking

Overview Affected versions of this package are vulnerable to Missing Password Field Masking due to improper handling of process command arguments containing sensitive information. An attacker can obtain confidential data by accessing security event logs where sensitive arguments, such as password...

6.9CVSS7AI score0.00062EPSS

Kitploit•added 2024/04/16 12:30 p.m.•31 views

NoArgs - Tool Designed To Dynamically Spoof And Conceal Process Arguments While Staying Undetected

NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into Windows APIs to dynamically manipulate the Windows internals on the go. This allows NoArgs to alter process arguments discreetly. Default Cmd: Windows Event Logs...

7.6AI score

SUSE CVE•added 2023/09/20 11:26 p.m.•1 views

SUSE CVE-2023-43621

An issue was discovered in Croc through 9.6.5. The shared secret, located on a command line, can be read by local users who list all processes and their arguments...

4.7CVSS6.8AI score0.00032EPSS

Exploits1References3

Vulnrichment•added 2023/09/20 12:0 a.m.•13 views

CVE-2023-43621

An issue was discovered in Croc through 9.6.5. The shared secret, located on a command line, can be read by local users who list all processes and their arguments...

6.6AI score0.00032EPSS

Exploits1References3

SUSE CVE•added 2023/06/20 1:13 a.m.•1 views

SUSE CVE-2023-35789

7.7CVSS6.8AI score0.00024EPSS

Exploits0References4

OSV•added 2023/06/16 9:15 p.m.•14 views

CVE-2023-35789

5.5CVSS7AI score

UbuntuCve•added 2023/06/16 9:15 p.m.•25 views

CVE-2023-35789

5.5CVSS6.1AI score0.00024EPSS

OSV•added 2023/03/28 8:15 p.m.•1 views

CVE-2023-25722

A credential-leak issue was discovered in related Veracode products before 2023-03-27. Veracode Scan Jenkins Plugin before 23.3.19.0, when configured for remote agent jobs, invokes the Veracode Java API Wrapper in a manner that allows local users with OS-level access of the Jenkins remote to...

5.5CVSS6.1AI score

Cvelist•added 2020/10/02 5:10 p.m.•8 views

CVE-2020-5422 UAA password may appear in BOSH System Metrics Server process arguments

BOSH System Metrics Server releases prior to 0.1.0 exposed the UAA password as a flag to a process running on the BOSH director. It exposed the password to any user or process with access to the same VM through ps or looking at process details...

6.6AI score0.00327EPSS