10 matches found
Linux Distros Unpatched Vulnerability : CVE-2005-2214
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - apt-setup in Debian GNU/Linux installs the apt.conf file with insecure permissions, which allows local users to obtain sensitive information such as passwords...
CVE-2024-51993 Password is stored in clear in the database in Combodo iTop
Combodo iTop is a web based IT Service Management tool. An attacker accessing a backup file or the database can read some passwords for misconfigured Users. This issue has been addressed in version 3.2.0 and all users are advised to upgrade. Users unable to upgrade are advised to encrypt their...
CVE-2023-43843
Incorrect access control in the account management function of the web interface in Aten PE6208 2.3.228 and 2.4.232 allows remote authenticated users to read user and administrator account passwords via HTTP GET request...
Fortinet FortiPortal Log Information Disclosure Vulnerability
Fortinet FortiPortal is an advanced, feature-rich hosted security analysis and management support tool for Fortinet's FortiGate, FortiWiFi and FortiAP product lines, available as a virtual machine for MSPs. An information disclosure vulnerability exists in Fortinet FortiPortal versions 7.0.0...
CVE-2020-15001
An information leak was discovered on Yubico YubiKey 5 NFC devices 5.0.0 to 5.2.6 and 5.3.0 to 5.3.1. The OTP application allows a user to set optional access codes on OTP slots. This access code is intended to prevent unauthorized changes to OTP configurations. The access code is not checked whe...
Siemens SiNVR 3 Weak Password Vulnerability
SiNVR 3 is a video management platform. Central Control Server (CCS) is the central control server and Video Server is the video server. SiNVR 3 has a weak password vulnerability in its implementation that can be exploited by a remote attacker to read and decrypt passwords...
Siemens SiNVR 3 Central Control Server (CCS) Information Disclosure Vulnerability
SiNVR is the Siemens OEM version of SiVMS, a video management solution acquired by PKE Deutschland GmbH and formerly distributed by Schille Informationssysteme GmbH. An information disclosure vulnerability exists in Siemens SiNVR 3 Central Control Server (CCS). An attack with administrative righ...
UBUNTU-CVE-2008-7320
DISPUTED GNOME Seahorse through 3.30 allows physically proximate attackers to read plaintext passwords by using the quickAllow dialog at an unattended workstation, if the keyring is unlocked. NOTE: this is disputed by a software maintainer because the behavior represents a design decision...
D-Link DAP-1360 File Path Traversal and Cross-Site Scripting Vulnerability
The D-Link DAP-1360 is a wireless router. A file path traversal and cross-site scripting vulnerability exists in the D-Link DAP-1360, which allows remote attackers to read passwords via incorrect parameters, leading to an absolute path traversal attack...
xorg-x11-server: Information disclosure due to enabling events from hot-plug devices despite input from the device being momentarily disabled
X.Org X server before 1.13.4 and 1.4.x before 1.14.1 does not properly restrict access to input events when adding a new hot-plug device, which might allow physically proximate attackers to obtain sensitive information, as demonstrated by reading passwords from a tty...