20 matches found
EUVD-2016-9714
Malware in sbrugna...
EUVD-2019-15208
Malware in sbrugna...
CVE-2025-21003
Insecure storage of sensitive information in Emergency SOS prior to SMR Jul-2025 Release 1 allows local attackers to access sensitive information...
CVE-2023-31001
IBM Security Access Manager Container IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.6.1 temporarily stores sensitive information in files that could be accessed by a local user. IBM X-Force ID: 254653...
CVE-2025-0714 Insecure storage of sensitive information in MobaXTerm <25.0.
The vulnerability exists in the password storage of Mobateks MobaXterm in versions below 25.0. MobaXTerm uses an initialisation vector IV consisting only of zero bytes and a master key to encrypt each password individually. In the default configuration, on opening MobaXTerm, the user is prompted...
CVE-2025-0142 Zoom Jenkins Marketplace plugin - Cleartext Storage of Sensitive Information
Cleartext storage of sensitive information in the Zoom Jenkins Marketplace plugin before version 1.4 may allow an authenticated user to conduct a disclosure of information via network access...
C-MOR Video Surveillance 5.2401 / 6.00PL01 Information Disclosure / Cleartext Secret
Advisory ID: SYSS-2024-028 Product: C-MOR Video Surveillance Manufacturer: za-internet GmbH Affected Versions: 5.2401, 6.00PL01 Tested Versions: 5.2401, 6.00PL01 Vulnerability Type: Cleartext Storage of Sensitive Information CWE-312 Risk Level: Medium Solution Status: Open Manufacturer...
CVE-2024-4235
A vulnerability classified as problematic was found in Netgear DG834Gv5 1.6.01.34. This vulnerability affects unknown code of the component Web Management Interface. The manipulation leads to cleartext storage of sensitive information. The attack can be initiated remotely. The exploit has been...
CVE-2023-40715
A cleartext storage of sensitive information vulnerability CWE-312 in FortiTester 2.3.0 through 7.2.3 may allow an attacker with access to the DB contents to retrieve the plaintext password of external servers configured in the device...
CVE-2023-20111
A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to access sensitive information. This vulnerability is due to the improper storage of sensitive information within the web-based management interface. An...
Design/Logic Flaw
Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric MELSEC iQ-F series FX5UC CPU all versions, Mitsubishi Electric MELSEC iQ-F series FX5UJ CPU all versions, Mitsubishi Electric MELSEC iQ-R series R00/01/02CPU all versions, Mitsubishi Electric MELSEC iQ-R series...
CVE-2021-22030
Greenplum Database prior to 5.28.14 and 6.17.0: statements can cause sensitive credential information to be logged, enabling a user with log access to read credentials. Multiple connected sources (Red Hat, NVD, Veracode, OSV, CVE lists) corroborate this disclosure; no explicit exploit details or ...
Sensitive Cookie Without 'HttpOnly' Flag in yeswiki/yeswiki
Description The software uses a cookie to store sensitive information, but the cookie is not marked with the HttpOnly flag. The HttpOnly flag directs compatible browsers to prevent client-side script from accessing cookies. Including the HttpOnly flag in the Set-Cookie HTTP response header helps...
CVE-2019-15704
A clear text storage of sensitive information vulnerability in FortiClient for Mac may allow a local attacker to read sensitive information logged in the console window when the user connects to an SSL VPN Gateway...
GE SNMP/Web Interface Vulnerabilities
OVERVIEW Independent researcher Karn Ganeshen has identified two vulnerabilities in the GE SNMP/Web Interface adapter. GE has produced a new firmware version to mitigate the identified vulnerabilities in later model devices. Earlier model SNMP/Web Interface adapters may need to be upgraded to...
Moxa MiiNePort Vulnerabilities
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-145-01 Moxa MiiNePort Vulnerabilities that was published May 24, 2016, on the NCCIC/ICS-CERT web site. Independent researcher Karn Ganeshen has identified weak credential management, sensitive information not...
GE Industrial Solutions UPS SNMP Adapter < 4.8 - Multiple Vulnerabilities
Exploit for hardware platform in category web applications Exploit Title: GE Industrial Solutions - UPS SNMP Adapter Command Injection and Clear-text Storage of Sensitive Information Vulnerabilities Discovered by: Karn Ganeshen Vendor Homepage: http://www.geindustrial.com/ Versions Reported: All...
Tips for Make Mobile Banking Safe And Secure !
As we all know that wireless applications have numbers of vulnerabilities higher then the wired applications and the devices. In India there are not lots of people who do banking through mobile but outside India there are high profile countries in which many people do banking through mobile only....
Improper access control
Gekko 0.8.2 and earlier stores sensitive information under the web root with possibly insufficient access control, which might allow remote attackers to read certain files under temp/, as demonstrated by a log file that records the titles of blog entries. NOTE: access to temp/ is blocked by...
CVE-2007-0312
wcSimple Poll stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain password hashes via a direct request for password.txt...