92 matches found
CVE-2025-52493
PagerDuty Runbook through 2025-06-12 exposes stored secrets directly in the webpage DOM at the configuration page. Although these secrets appear masked as password fields, the actual secret values are present in the page source and can be revealed by simply modifying the input field type from...
CVE-2025-52493
PagerDuty Runbook through 2025-06-12 exposes stored secrets directly in the webpage DOM at the configuration page. Although these secrets appear masked as password fields, the actual secret values are present in the page source and can be revealed by simply modifying the input field type from...
CVE-2025-52493
PagerDuty Runbook through 2025-06-12 exposes stored secrets directly in the webpage DOM at the configuration page. Although these secrets appear masked as password fields, the actual secret values are present in the page source and can be revealed by simply modifying the input field type from...
PagerDuty Runbook 安全漏洞
PagerDuty Runbook is an automation platform from PagerDuty USA. A security vulnerability exists in PagerDuty Runbook version 2025-06-12 and earlier, which stems from a configuration page that directly exposes stored keys, potentially leading to the disclosure of sensitive information...
PT-2025-50352
Name of the Vulnerable Software and Affected Versions PagerDuty Runbook versions through 2025-06-12 Description PagerDuty Runbook through 2025-06-12 has an issue where stored secrets are exposed directly in the webpage Document Object Model DOM at the configuration page. While these secrets are...
CVE-2025-52493
PagerDuty Runbook (through 2025-06-12) stores secret values in the configuration page DOM. Although fields appear masked, secrets are present in the page source and can be revealed by changing input type from password to text via browser dev tools. Exploitation is described as possible by adminis...
CVE-2025-52493
PagerDuty Runbook through 2025-06-12 exposes stored secrets directly in the webpage DOM at the configuration page. Although these secrets appear masked as password fields, the actual secret values are present in the page source and can be revealed by simply modifying the input field type from...
EUVD-2017-10393
Malware in sbrugna...
EUVD-2019-4690
Malware in sbrugna...
HCL iAutomate 安全漏洞
HCL iAutomate is a powerful and intelligent runbook automation product from HCL India. A security vulnerability exists in HCL iAutomate that stems from insufficient session expiration and could lead to unauthorized access...
Update Rollup 3 for System Center 2022 Orchestrator
Update Rollup 3 for System Center 2022 Orchestrator Introduction This article describes the issues that are fixed in Update Rollup 3 for Microsoft System Center Orchestrator 2022. This article also contains the installation instructions for this update. Issues that are fixed Read Line activity...
PlexTrac 安全漏洞
PlexTrac is a penetration test reporting and management platform from PlexTrac Inc. in the United States. A security vulnerability exists in PlexTrac versions prior to 1.61.3 through 2.8.1 that stems from an untrustworthy data deserialization vulnerability in the Runbook module, which allows obje...
AzureRT - A Powershell Module Implementing Various Azure Red Team Tactics
Powershell module implementing various cmdlets to interact with Azure and Azure AD from an offensive perspective. Helpful utilities dealing with access token based authentication, switching from Az to AzureAD and az cli interfaces, easy to use pre-made attacks such as Runbook-based command...
CVE-2020-24566
In Octopus Deploy 2020.3.x before 2020.3.4 and 2020.4.x before 2020.4.1, if an authenticated user creates a deployment or runbook process using Azure steps and sets the step's execution location to run on the server/worker, then under certain circumstances the account password is exposed in...
CVE-2019-13163
The Fujitsu TLS library allows a man-in-the-middle attack. This affects Interstage Application Development Cycle Manager V10 and other versions, Interstage Application Server V12 and other versions, Interstage Business Application Manager V2 and other versions, Interstage Information Integrator V...
Design/Logic Flaw
The Fujitsu TLS library allows a man-in-the-middle attack. This affects Interstage Application Development Cycle Manager V10 and other versions, Interstage Application Server V12 and other versions, Interstage Business Application Manager V2 and other versions, Interstage Information Integrator V...
CVE-2019-13163
The Fujitsu TLS library allows a man-in-the-middle attack. This affects Interstage Application Development Cycle Manager V10 and other versions, Interstage Application Server V12 and other versions, Interstage Business Application Manager V2 and other versions, Interstage Information Integrator V...
Update Rollup 1 for System Center Orchestrator 2019
Update Rollup 1 for System Center Orchestrator 2019 Introduction This article describes the issues that are fixed in Update Rollup 1 for Microsoft System Center Orchestrator 2019. This article also contains the installation instructions for this update. Issues that are fixed Events pane of the...
Update Rollup 7 for System Center 2016 Orchestrator
Update Rollup 7 for System Center 2016 Orchestrator Introduction This article describes the issues that are fixed in Update Rollup 7 for Microsoft System Center 2016 Orchestrator. This article also contains the installation instructions for this update. Issues that are fixed Monitor Data/Time...
Update Rollup 5 for System Center 2016 Orchestrator
Update Rollup 5 for System Center 2016 Orchestrator Introduction This article describes the issues that are fixed in Update Rollup 5 for Microsoft System Center 2016 Orchestrator. This article also contains the installation instructions for this update. Issues that are fixed When you view the...