92 matches found
CVE-2025-52493
PagerDuty Runbook through 2025-06-12 exposes stored secrets directly in the webpage DOM at the configuration page. Although these secrets appear masked as password fields, the actual secret values are present in the page source and can be revealed by simply modifying the input field type from...
CVE-2025-52493
PagerDuty Runbook through 2025-06-12 exposes stored secrets directly in the webpage DOM at the configuration page. Although these secrets appear masked as password fields, the actual secret values are present in the page source and can be revealed by simply modifying the input field type from...
PT-2025-50352
Name of the Vulnerable Software and Affected Versions PagerDuty Runbook versions through 2025-06-12 Description PagerDuty Runbook through 2025-06-12 has an issue where stored secrets are exposed directly in the webpage Document Object Model DOM at the configuration page. While these secrets are...
PagerDuty Runbook 安全漏洞
PagerDuty Runbook is an automation platform from PagerDuty USA. A security vulnerability exists in PagerDuty Runbook version 2025-06-12 and earlier, which stems from a configuration page that directly exposes stored keys, potentially leading to the disclosure of sensitive information...
CVE-2025-52493
PagerDuty Runbook through 2025-06-12 exposes stored secrets directly in the webpage DOM at the configuration page. Although these secrets appear masked as password fields, the actual secret values are present in the page source and can be revealed by simply modifying the input field type from...
CVE-2025-52493
PagerDuty Runbook through 2025-06-12 exposes stored secrets directly in the webpage DOM at the configuration page. Although these secrets appear masked as password fields, the actual secret values are present in the page source and can be revealed by simply modifying the input field type from...
CVE-2025-52493
PagerDuty Runbook (through 2025-06-12) stores secret values in the configuration page DOM. Although fields appear masked, secrets are present in the page source and can be revealed by changing input type from password to text via browser dev tools. Exploitation is described as possible by adminis...
EUVD-2019-4690
Malware in sbrugna...
EUVD-2017-10393
Malware in sbrugna...
HCL iAutomate 安全漏洞
HCL iAutomate is a powerful and intelligent runbook automation product from HCL India. A security vulnerability exists in HCL iAutomate that stems from insufficient session expiration and could lead to unauthorized access...
PlexTrac 安全漏洞
PlexTrac is a penetration test reporting and management platform from PlexTrac Inc. in the United States. A security vulnerability exists in PlexTrac versions prior to 1.61.3 through 2.8.1 that stems from an untrustworthy data deserialization vulnerability in the Runbook module, which allows obje...
AzureRT - A Powershell Module Implementing Various Azure Red Team Tactics
Powershell module implementing various cmdlets to interact with Azure and Azure AD from an offensive perspective. Helpful utilities dealing with access token based authentication, switching from Az to AzureAD and az cli interfaces, easy to use pre-made attacks such as Runbook-based command...
CVE-2020-24566
In Octopus Deploy 2020.3.x before 2020.3.4 and 2020.4.x before 2020.4.1, if an authenticated user creates a deployment or runbook process using Azure steps and sets the step's execution location to run on the server/worker, then under certain circumstances the account password is exposed in...
CVE-2019-13163
The Fujitsu TLS library allows a man-in-the-middle attack. This affects Interstage Application Development Cycle Manager V10 and other versions, Interstage Application Server V12 and other versions, Interstage Business Application Manager V2 and other versions, Interstage Information Integrator V...
Design/Logic Flaw
The Fujitsu TLS library allows a man-in-the-middle attack. This affects Interstage Application Development Cycle Manager V10 and other versions, Interstage Application Server V12 and other versions, Interstage Business Application Manager V2 and other versions, Interstage Information Integrator V...
CVE-2019-13163
The Fujitsu TLS library allows a man-in-the-middle attack. This affects Interstage Application Development Cycle Manager V10 and other versions, Interstage Application Server V12 and other versions, Interstage Business Application Manager V2 and other versions, Interstage Information Integrator V...
Security Bulletin: A security vulnerability has been identified in IBM Runbook Automation (CVE-2017-1377).
Summary Detailed technical error messages can allow an adversary to gain information about the application and database that could be used to conduct attacks. Vulnerability Details CVEID: CVE-2017-1377 DESCRIPTION: IBM Runbook Automation reveals sensitive information in error messages that could ...
Update Rollup 14 for System Center 2012 R2 Orchestrator
Update Rollup 14 for System Center 2012 R2 Orchestrator Introduction This article describes the issues that are fixed in Update Rollup 14 for Microsoft System Center 2012 R2 Orchestrator. This article also contains the installation instructions for this update. Issues that are fixed Update rollup...
IBM Runbook Automation Information Disclosure Vulnerability
IBM Runbook Automation is a suite of automated operations software from IBM in the United States. The software is used to define, build, edit and manage systems and network operational processes, reducing manual tasks. An information disclosure vulnerability exists in IBM Runbook Automation that...
CVE-2017-1377
IBM Runbook Automation reveals sensitive information in error messages that could be used in further attacks against the system. IBM X-Force ID: 126874...