Lucene search
K

320 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 3:47 p.m.7 views

CVE-2020-15698

An issue was discovered in Joomla! through 3.9.19. Inadequate filtering on the system information screen could expose Redis or proxy credentials...

5.3CVSS6.6AI score0.01636EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 8:13 a.m.18 views

CVE-2019-17598

An issue was discovered in Lightbend Play Framework 2.5.x through 2.6.23. When configured to make requests using an authenticated HTTP proxy, play-ws may sometimes, typically under high load, when connecting to a target host using https, expose the proxy credentials to the target host...

7.5CVSS6.6AI score0.00698EPSS
Exploits0References1
OSV
OSV
added 2025/04/03 2:10 p.m.7 views

BIT-JOOMLA-2020-15698

An issue was discovered in Joomla! through 3.9.19. Inadequate filtering on the system information screen could expose Redis or proxy credentials...

5.3CVSS6.9AI score0.01636EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/03/06 11:58 a.m.10 views

CVE-2025-1696 Exposure of Proxy Credentials in Docker Desktop Logs

A vulnerability exists in Docker Desktop prior to version 4.39.0 that could lead to the unintentional disclosure of sensitive information via application logs. In affected versions, proxy configuration data—potentially including sensitive details—was written to log files in clear text whenever an...

5.2CVSS0.00158EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/03/06 11:58 a.m.12 views

CVE-2025-1696 Exposure of Proxy Credentials in Docker Desktop Logs

A vulnerability exists in Docker Desktop prior to version 4.39.0 that could lead to the unintentional disclosure of sensitive information via application logs. In affected versions, proxy configuration data—potentially including sensitive details—was written to log files in clear text whenever an...

5.2CVSS6.5AI score0.00158EPSS
Exploits0References2
CNVD
CNVD
added 2024/12/19 12:0 a.m.11 views

Weasis Key Disclosure Vulnerability

Weasis is an open source DICOM medical image viewer, mainly used to visualize images obtained from medical imaging devices. A key disclosure vulnerability exists in Weasis version 4.5.1, which stems from having a hard-coded key for symmetric encryption of proxy credentials in...

9.8CVSS6.3AI score0.01339EPSS
Exploits1References1
NVD
NVD
added 2024/12/16 9:15 p.m.15 views

CVE-2024-55557

ui/pref/ProxyPrefView.java in weasis-core in Weasis 4.5.1 has a hardcoded key for symmetric encryption of proxy credentials...

9.8CVSS0.01339EPSS
Exploits1References4
OSV
OSV
added 2024/12/16 9:15 p.m.6 views

CVE-2024-55557

ui/pref/ProxyPrefView.java in weasis-core in Weasis 4.5.1 has a hardcoded key for symmetric encryption of proxy credentials...

9.8CVSS7.1AI score0.01339EPSS
Exploits1References4
CNNVD
CNNVD
added 2024/12/16 12:0 a.m.4 views

Weasis 安全漏洞

Weasis is an open source DICOM medical image viewer, mainly used to visualize images obtained from medical imaging devices. A key disclosure vulnerability exists in Weasis version 4.5.1, which stems from having a hard-coded key for symmetric encryption of proxy credentials in...

9.8CVSS6.5AI score0.01339EPSS
Exploits1References4
EUVD
EUVD
added 2024/12/16 12:0 a.m.7 views

EUVD-2024-52808

ui/pref/ProxyPrefView.java in weasis-core in Weasis 4.5.1 has a hardcoded key for symmetric encryption of proxy credentials...

9.8CVSS9.4AI score0.01339EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/12/16 12:0 a.m.265 views

CVE-2024-55557

ui/pref/ProxyPrefView.java in weasis-core in Weasis 4.5.1 has a hardcoded key for symmetric encryption of proxy credentials...

0.01339EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/12/16 12:0 a.m.11 views

CVE-2024-55557

ui/pref/ProxyPrefView.java in weasis-core in Weasis 4.5.1 has a hardcoded key for symmetric encryption of proxy credentials...

7AI score0.01339EPSS
Exploits1References4
CVE
CVE
added 2024/12/16 12:0 a.m.76 views

CVE-2024-55557

CVE-2024-55557 affects Weasis 4.5.1 (weasis-core) via ui/pref/ProxyPrefView.java, where a hardcoded key for symmetric encryption of proxy credentials is used. This creates a risk of credential exposure if the key is revealed or misused. The description is supported by OSV/NVD/NVD records and link...

9.8CVSS7AI score0.01339EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2024/12/13 12:0 a.m.4 views

PT-2024-36553 · Weasis · Weasis

Name of the Vulnerable Software and Affected Versions: Weasis version 4.5.1 Description: The issue concerns a hardcoded key for symmetric encryption of proxy credentials in the ui/pref/ProxyPrefView.java file within the weasis-core component of Weasis. This hardcoded key is used for the symmetric...

9.8CVSS9.3AI score0.01339EPSS
Exploits1References11
Redos
Redos
added 2024/12/11 12:0 a.m.10 views

ROS-20241211-11

A vulnerability in the HTTP client library for Python urllib3 is related to the fact that the Prox-Authorization header is not removed during source-to-source redirection when using proxy server support urllib3 with ProxyManager . Exploitation of the vulnerability could allow an attacker acting...

6.5CVSS7.2AI score0.01141EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2024/11/28 9:26 a.m.12 views

CVE-2024-49502 Reflected XSS in Setup Wizard, HTTP Proxy credentials pane in spacewalk-web

A Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in the Setup Wizard, HTTP Proxy credentials pane in spacewalk-web allows attackers to attack users by providing specially crafted URLs to click. This issue affects Container...

4.6CVSS6.8AI score0.00271EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2024/11/19 3:51 a.m.2 views

SUSE CVE-2024-49502

A Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in the Setup Wizard, HTTP Proxy credentials pane in spacewalk-web allows attackers to attack users by providing specially crafted URLs to click. This issue affects Container...

3.5CVSS6.6AI score0.00271EPSS
Exploits0References6
OSV
OSV
added 2024/10/02 5:15 p.m.3 views

CVE-2024-20490

A vulnerability in a logging function of Cisco Nexus Dashboard Fabric Controller NDFC and Cisco Nexus Dashboard Orchestrator NDO could allow an attacker with access to a tech support file to view sensitive information. This vulnerability exists because HTTP proxy credentials could be recorded in ...

8.6CVSS5.8AI score
Exploits0References1
CNNVD
CNNVD
added 2024/10/02 12:0 a.m.4 views

Cisco Nexus Dashboard 安全漏洞

Cisco Nexus Dashboard is a single console from Cisco, Inc. It can simplify the operation and management of data center networks. A security vulnerability exists in Cisco Nexus Dashboard that stems from the possibility that HTTP proxy credentials could be recorded in internal logs stored in...

8.6CVSS6.4AI score0.00277EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/10/02 12:0 a.m.4 views

PT-2024-7426 · Cisco · Cisco Nexus Dashboard Fabric Controller +1

Name of the Vulnerable Software and Affected Versions: Cisco Nexus Dashboard Fabric Controller NDFC and Cisco Nexus Dashboard Orchestrator NDO affected versions not specified Description: The issue is related to a logging function in Cisco Nexus Dashboard Fabric Controller NDFC and Cisco Nexus...

8.6CVSS6.4AI score0.00277EPSS
Exploits0References8
Rows per page
Query Builder