315 matches found

CNVD
added 2024/12/19 12:0 a.m. · 11 views

Weasis Key Disclosure Vulnerability

Weasis is an open source DICOM medical image viewer, mainly used to visualize images obtained from medical imaging devices. A key disclosure vulnerability exists in Weasis version 4.5.1, which stems from having a hard-coded key for symmetric encryption of proxy credentials in...

9.8 CVSS · 6.3 AI score · 0.01339 EPSS
Exploits: 1 · References: 1

NVD
added 2024/12/16 9:15 p.m. · 15 views

CVE-2024-55557

ui/pref/ProxyPrefView.java in weasis-core in Weasis 4.5.1 has a hardcoded key for symmetric encryption of proxy credentials...

9.8 CVSS · 0.01339 EPSS
Exploits: 1 · References: 4

OSV
added 2024/12/16 9:15 p.m. · 4 views

CVE-2024-55557

ui/pref/ProxyPrefView.java in weasis-core in Weasis 4.5.1 has a hardcoded key for symmetric encryption of proxy credentials...

9.8 CVSS · 7.1 AI score · 0.01339 EPSS
Exploits: 1 · References: 4

CNNVD
added 2024/12/16 12:0 a.m. · 4 views

Weasis Security Vulnerability

Weasis is an open source DICOM medical image viewer, mainly used to visualize images obtained from medical imaging devices. A key disclosure vulnerability exists in Weasis version 4.5.1, which stems from having a hard-coded key for symmetric encryption of proxy credentials in...

9.8 CVSS · 6.5 AI score · 0.01339 EPSS
Exploits: 1 · References: 4

EUVD
added 2024/12/16 12:0 a.m. · 7 views

EUVD-2024-52808

ui/pref/ProxyPrefView.java in weasis-core in Weasis 4.5.1 has a hardcoded key for symmetric encryption of proxy credentials...

9.8 CVSS · 9.4 AI score · 0.01339 EPSS
Exploits: 1 · References: 4

CVE
added 2024/12/16 12:0 a.m. · 76 views

CVE-2024-55557

CVE-2024-55557 affects Weasis 4.5.1 (weasis-core) via ui/pref/ProxyPrefView.java, where a hardcoded key for symmetric encryption of proxy credentials is used. This creates a risk of credential exposure if the key is revealed or misused. The description is supported by OSV/NVD/NVD records and link...

9.8 CVSS · 7 AI score · 0.01339 EPSS
Exploits: 1 · References: 4

Cvelist
added 2024/12/16 12:0 a.m. · 265 views

CVE-2024-55557

ui/pref/ProxyPrefView.java in weasis-core in Weasis 4.5.1 has a hardcoded key for symmetric encryption of proxy credentials...

0.01339 EPSS
Exploits: 1 · References: 4

Vulnrichment
added 2024/12/16 12:0 a.m. · 11 views

CVE-2024-55557

ui/pref/ProxyPrefView.java in weasis-core in Weasis 4.5.1 has a hardcoded key for symmetric encryption of proxy credentials...

7 AI score · 0.01339 EPSS
Exploits: 1 · References: 4

Positive Technologies
added 2024/12/13 12:0 a.m. · 4 views

PT-2024-36553 · Weasis · Weasis

Name of the Vulnerable Software and Affected Versions: Weasis version 4.5.1. Description: The issue concerns a hardcoded key for symmetric encryption of proxy credentials in the ui/pref/ProxyPrefView.java file within the weasis-core component of Weasis. This hardcoded key is used for the symmetric...

9.8 CVSS · 9.3 AI score · 0.01339 EPSS
Exploits: 1 · References: 11

Redos
added 2024/12/11 12:0 a.m. · 10 views

ROS-20241211-11

A vulnerability in urllib3, the HTTP client library for Python, arises because the Proxy-Authorization header is not removed during cross-origin redirects when urllib3's proxy support is used with ProxyManager. Exploitation of the vulnerability could allow an attacker acting...

6.5 CVSS · 7.2 AI score · 0.01141 EPSS
Exploits: 1

Vulnrichment
added 2024/11/28 9:26 a.m. · 12 views

CVE-2024-49502 Reflected XSS in Setup Wizard, HTTP Proxy credentials pane in spacewalk-web

An Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in the Setup Wizard, HTTP Proxy credentials pane in spacewalk-web allows attackers to attack users by providing specially crafted URLs to click. This issue affects Container...

4.6 CVSS · 6.8 AI score · 0.00271 EPSS
Exploits: 0 · References: 1

SUSE CVE
added 2024/11/19 3:51 a.m. · 1 views

SUSE CVE-2024-49502

An Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in the Setup Wizard, HTTP Proxy credentials pane in spacewalk-web allows attackers to attack users by providing specially crafted URLs to click. This issue affects Container...

3.5 CVSS · 6.6 AI score · 0.00271 EPSS
Exploits: 0 · References: 6

OSV
added 2024/10/02 5:15 p.m. · 2 views

CVE-2024-20490

A vulnerability in a logging function of Cisco Nexus Dashboard Fabric Controller (NDFC) and Cisco Nexus Dashboard Orchestrator (NDO) could allow an attacker with access to a tech support file to view sensitive information. This vulnerability exists because HTTP proxy credentials could be recorded in ...

8.6 CVSS · 5.8 AI score
Exploits: 0 · References: 1

CNNVD
added 2024/10/02 12:0 a.m. · 3 views

Cisco Nexus Dashboard Security Vulnerability

Cisco Nexus Dashboard is a single console from Cisco, Inc. It can simplify the operation and management of data center networks. A security vulnerability exists in Cisco Nexus Dashboard that stems from the possibility that HTTP proxy credentials could be recorded in internal logs stored in...

8.6 CVSS · 6.4 AI score · 0.00277 EPSS
Exploits: 0 · References: 2

Positive Technologies
added 2024/10/02 12:0 a.m. · 3 views

PT-2024-7426 · Cisco · Cisco Nexus Dashboard Fabric Controller +1

Name of the Vulnerable Software and Affected Versions: Cisco Nexus Dashboard Fabric Controller (NDFC) and Cisco Nexus Dashboard Orchestrator (NDO), affected versions not specified. Description: The issue is related to a logging function in Cisco Nexus Dashboard Fabric Controller (NDFC) and Cisco Nexus...

8.6 CVSS · 6.4 AI score · 0.00277 EPSS
Exploits: 0 · References: 8

Vulnrichment
added 2024/09/12 6:26 p.m. · 18 views

CVE-2024-4472 Insertion of Sensitive Information into Log File in GitLab

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.5 prior to 17.1.7, starting from 17.2 prior to 17.2.5, and starting from 17.3 prior to 17.3.2, where dependency proxy credentials are retained in GraphQL logs...

4 CVSS · 6.6 AI score · 0.00216 EPSS
Exploits: 0 · References: 2

OSV
added 2024/07/16 7:15 p.m. · 2 views

CVE-2024-6492

Exposure of Sensitive Information in edge browser session proxy feature in Devolutions Remote Desktop Manager 2024.2.14.0 and earlier on Windows allows an attacker to intercept proxy credentials via a specially crafted website...

7.4 CVSS · 5.8 AI score · 0.00599 EPSS
Exploits: 0 · References: 1

NVD
added 2024/07/16 7:15 p.m. · 26 views

CVE-2024-6492

Exposure of Sensitive Information in edge browser session proxy feature in Devolutions Remote Desktop Manager 2024.2.14.0 and earlier on Windows allows an attacker to intercept proxy credentials via a specially crafted website...

7.4 CVSS · 0.00599 EPSS
Exploits: 0 · References: 1

CVE
added 2024/07/16 6:16 p.m. · 47 views

CVE-2024-6492

Affected software: Devolutions Remote Desktop Manager (Windows)

7.4 CVSS · 6.9 AI score · 0.00599 EPSS
Exploits: 0 · References: 1 · Affected Software: 1

Vulnrichment
added 2024/07/16 6:16 p.m. · 12 views

CVE-2024-6492

Exposure of Sensitive Information in edge browser session proxy feature in Devolutions Remote Desktop Manager 2024.2.14.0 and earlier on Windows allows an attacker to intercept proxy credentials via a specially crafted website...

7.1 AI score · 0.00599 EPSS
Exploits: 0 · References: 1