PT-2026-45558

CodexBar prior to 0.32.0 contains an insecure temporary file handling vulnerability that allows local attackers to access sensitive credentials or tamper with build artifacts by exploiting predictable file paths in the release notarization workflow. Attackers with access to the same host can read...

Astra Linux - уязвимость в net-snmp

Net-SNMP provides various tools related to the Simple Network Management Protocol. Prior to version 5.9.2, a buffer overflow in the handling of the INDEX in NET-SNMP-VACM-MIB could lead to an out-of-bounds memory access. A user with read-only credentials could exploit this issue. Version 5.9.2...

CVE-2025-14758

The CVE-2025-14758 entry concerns the YAOOK Operator’s infra-operator, where a misconfiguration in the replication security of the MariaDB component could allow an on-path attacker to read database contents, potentially including credentials. This is documented across multiple feeds (NVD, Red Hat...

CVE-2025-14758 Initialization of a Resource with an Insecure Default in YAOOK

Incorrect configuration of replication security in the MariaDB component of the infra-operator in YAOOK Operator allows an on-path attacker to read database contents, potentially including credentials...

PT-2025-51347

Name of the Vulnerable Software and Affected Versions YAOOK Operator affected versions not specified Description An incorrect configuration of replication security within the MariaDB component of the infra-operator in YAOOK Operator could allow an on-path attacker to read database contents, which...

EUVD-2019-4502

Malware in sbrugna...

CVE-2025-20290 Cisco NXOS Software Sensitive Log Information Disclosure Vulnerability

A vulnerability in the logging feature of Cisco NX-OS Software for Cisco Nexus 3000 Series Switches, Cisco Nexus 9000 Series Switches in standalone NX-OS mode, Cisco UCS 6400 Fabric Interconnects, Cisco UCS 6500 Series Fabric Interconnects, and Cisco UCS 9108 100G Fabric Interconnects could allow...

CVE-2023-28090

An HPE OneView appliance dump may expose SNMPv3 read credentials...

CVE-2024-8315 Improper Handling of Insufficient Permissions or Privileges in B&R APROL

An Improper Handling of Insufficient Permissions or Privileges vulnerability in scripts used in B&R APROL 4.4-00P5 may allow an authenticated local attacker to read credential information...

IBM Host Access Transformation Services 安全漏洞

IBM Host Access Transformation Services is a software solution from International Business Machines IBM. IBM Host Access Transformation Services suffers from an insufficiently protected credentials vulnerability that arises from storing user credentials in plaintext, which can be exploited by an...

CVE-2023-28090

An HPE OneView appliance dump may expose SNMPv3 read credentials...

CVE-2023-28090

An HPE OneView appliance dump may expose SNMPv3 read credentials...

CVE-2022-30952

Jenkins Pipeline SCM API for Blue Ocean Plugin 1.25.3 and earlier allows attackers with Job/Configure permission to access credentials with attacker-specified IDs stored in the private per-user credentials stores of any attacker-specified user in Jenkins...

CVE-2022-20630

A vulnerability in the audit log of Cisco DNA Center could allow an authenticated, local attacker to view sensitive information in clear text. This vulnerability is due to the unsecured logging of sensitive information on an affected system. An attacker with administrative privileges could exploi...

PT-2021-22879 · Unknown · Climatix Pol909

Name of the Vulnerable Software and Affected Versions: Climatix POL909 AWB module versions prior to V11.42 Climatix POL909 AWM module versions prior to V11.34 Description: A vulnerability has been identified where the web server of affected devices transmits data without TLS encryption. This coul...

SAP Business Client 安全漏洞

SAP Business Client is a user interface client program from SAP. The program supports access to multiple SAP applications from a single platform. SAP Business Client has a security vulnerability that allows him to read extremely sensitive data such as credentials. This would allow an attacker to...

IBM Security Guardium Insights Information Disclosure Vulnerability (CNVD-2020-50793)

IBM Security Guardium Insights is a modern hybrid cloud data security hub designed to provide a reliable view of an organization's data security and compliance posture. An information disclosure vulnerability exists in IBM Security Guardium Insights 2.0.1, which can be exploited by a local user t...

Hardcoded credentials

The Pilot Below Deck Equipment BDE and OpenPort implementations on Iridium satellite terminals allow remote attackers to read hardcoded credentials via the web interface...

samba: information disclosure in suid mount.cifs

mount.cifs in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8 and 3.4 before 3.4.2, when mount.cifs is installed suid root, does not properly enforce permissions, which allows local users to read part of the credentials file and obtain the password by specifying the path to the...

CVE-2004-0165

Format string vulnerability in Point-to-Point Protocol PPP daemon pppd 2.4.0 for Mac OS X 10.3.2 and earlier allows remote attackers to read arbitrary pppd process data, including PAP or CHAP authentication credentials, to gain privileges...