Lucene search
K

92 matches found

OSV
OSV
added 2025/12/10 5:15 p.m.4 views

CVE-2025-52493

PagerDuty Runbook through 2025-06-12 exposes stored secrets directly in the webpage DOM at the configuration page. Although these secrets appear masked as password fields, the actual secret values are present in the page source and can be revealed by simply modifying the input field type from...

6.5CVSS5.8AI score0.00345EPSS
Exploits0References4
NVD
NVD
added 2025/12/10 5:15 p.m.11 views

CVE-2025-52493

PagerDuty Runbook through 2025-06-12 exposes stored secrets directly in the webpage DOM at the configuration page. Although these secrets appear masked as password fields, the actual secret values are present in the page source and can be revealed by simply modifying the input field type from...

6.5CVSS0.00345EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/10 12:0 a.m.8 views

PT-2025-50352

Name of the Vulnerable Software and Affected Versions PagerDuty Runbook versions through 2025-06-12 Description PagerDuty Runbook through 2025-06-12 has an issue where stored secrets are exposed directly in the webpage Document Object Model DOM at the configuration page. While these secrets are...

6.5CVSS6.6AI score0.00345EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/12/10 12:0 a.m.4 views

PagerDuty Runbook 安全漏洞

PagerDuty Runbook is an automation platform from PagerDuty USA. A security vulnerability exists in PagerDuty Runbook version 2025-06-12 and earlier, which stems from a configuration page that directly exposes stored keys, potentially leading to the disclosure of sensitive information...

6.5CVSS6.3AI score0.00345EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/12/10 12:0 a.m.3 views

CVE-2025-52493

PagerDuty Runbook through 2025-06-12 exposes stored secrets directly in the webpage DOM at the configuration page. Although these secrets appear masked as password fields, the actual secret values are present in the page source and can be revealed by simply modifying the input field type from...

6.5AI score0.00345EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/12/10 12:0 a.m.35 views

CVE-2025-52493

PagerDuty Runbook through 2025-06-12 exposes stored secrets directly in the webpage DOM at the configuration page. Although these secrets appear masked as password fields, the actual secret values are present in the page source and can be revealed by simply modifying the input field type from...

0.00345EPSS
Exploits0References4
CVE
CVE
added 2025/12/10 12:0 a.m.22 views

CVE-2025-52493

PagerDuty Runbook (through 2025-06-12) stores secret values in the configuration page DOM. Although fields appear masked, secrets are present in the page source and can be revealed by changing input type from password to text via browser dev tools. Exploitation is described as possible by adminis...

6.5CVSS6.5AI score0.00345EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2019-4690

Malware in sbrugna...

5.9CVSS6AI score0.006EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-10393

Malware in sbrugna...

4.3CVSS4.8AI score0.00947EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/07/24 12:0 a.m.5 views

HCL iAutomate 安全漏洞

HCL iAutomate is a powerful and intelligent runbook automation product from HCL India. A security vulnerability exists in HCL iAutomate that stems from insufficient session expiration and could lead to unauthorized access...

7.1CVSS6.6AI score0.00318EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/13 12:0 a.m.5 views

PlexTrac 安全漏洞

PlexTrac is a penetration test reporting and management platform from PlexTrac Inc. in the United States. A security vulnerability exists in PlexTrac versions prior to 1.61.3 through 2.8.1 that stems from an untrustworthy data deserialization vulnerability in the Runbook module, which allows obje...

8.6CVSS7.2AI score0.00349EPSS
Exploits0References1
Kitploit
Kitploit
added 2022/06/05 12:30 p.m.44 views

AzureRT - A Powershell Module Implementing Various Azure Red Team Tactics

Powershell module implementing various cmdlets to interact with Azure and Azure AD from an offensive perspective. Helpful utilities dealing with access token based authentication, switching from Az to AzureAD and az cli interfaces, easy to use pre-made attacks such as Runbook-based command...

7.9AI score
Exploits0References3
OSV
OSV
added 2020/09/09 4:15 p.m.7 views

CVE-2020-24566

In Octopus Deploy 2020.3.x before 2020.3.4 and 2020.4.x before 2020.4.1, if an authenticated user creates a deployment or runbook process using Azure steps and sets the step's execution location to run on the server/worker, then under certain circumstances the account password is exposed in...

7.5CVSS7.2AI score0.01812EPSS
Exploits0References2
NVD
NVD
added 2020/02/07 11:15 p.m.31 views

CVE-2019-13163

The Fujitsu TLS library allows a man-in-the-middle attack. This affects Interstage Application Development Cycle Manager V10 and other versions, Interstage Application Server V12 and other versions, Interstage Business Application Manager V2 and other versions, Interstage Information Integrator V...

5.9CVSS5.7AI score0.006EPSS
Exploits0References1
Prion
Prion
added 2020/02/07 11:15 p.m.20 views

Design/Logic Flaw

The Fujitsu TLS library allows a man-in-the-middle attack. This affects Interstage Application Development Cycle Manager V10 and other versions, Interstage Application Server V12 and other versions, Interstage Business Application Manager V2 and other versions, Interstage Information Integrator V...

4.3CVSS5.7AI score0.006EPSS
Exploits0References1Affected Software22
Cvelist
Cvelist
added 2020/02/07 10:45 p.m.40 views

CVE-2019-13163

The Fujitsu TLS library allows a man-in-the-middle attack. This affects Interstage Application Development Cycle Manager V10 and other versions, Interstage Application Server V12 and other versions, Interstage Business Application Manager V2 and other versions, Interstage Information Integrator V...

5.7AI score0.006EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 3:43 p.m.16 views

Security Bulletin: A security vulnerability has been identified in IBM Runbook Automation (CVE-2017-1377).

Summary Detailed technical error messages can allow an adversary to gain information about the application and database that could be used to conduct attacks. Vulnerability Details CVEID: CVE-2017-1377 DESCRIPTION: IBM Runbook Automation reveals sensitive information in error messages that could ...

4.3CVSS0.4AI score0.00947EPSS
Exploits0Affected Software1
Microsoft KB
Microsoft KB
added 2018/01/24 12:0 a.m.5 views

Update Rollup 14 for System Center 2012 R2 Orchestrator

Update Rollup 14 for System Center 2012 R2 Orchestrator Introduction This article describes the issues that are fixed in Update Rollup 14 for Microsoft System Center 2012 R2 Orchestrator. This article also contains the installation instructions for this update. Issues that are fixed Update rollup...

7AI score
Exploits0
CNVD
CNVD
added 2017/08/11 12:0 a.m.6 views

IBM Runbook Automation Information Disclosure Vulnerability

IBM Runbook Automation is a suite of automated operations software from IBM in the United States. The software is used to define, build, edit and manage systems and network operational processes, reducing manual tasks. An information disclosure vulnerability exists in IBM Runbook Automation that...

4.3CVSS6AI score0.00947EPSS
Exploits0References1
NVD
NVD
added 2017/08/10 3:29 p.m.15 views

CVE-2017-1377

IBM Runbook Automation reveals sensitive information in error messages that could be used in further attacks against the system. IBM X-Force ID: 126874...

4.3CVSS4.2AI score0.00947EPSS
Exploits0References3
Rows per page
Query Builder