EUVD-2019-2217

Malware in sbrugna...

EUVD-2016-8253

Malware in sbrugna...

EUVD-2013-2541

Malware in sbrugna...

EUVD-2014-7881

Malware in sbrugna...

EUVD-2022-46847

Malicious code in bioql PyPI...

CVE-2025-5731 Infinispan: credential leakage in infinispan cli

A flaw was found in Infinispan CLI. A sensitive password, decoded from a Base64-encoded Kubernetes secret, is processed in plaintext and included in a command string that may expose the data in an error message when a command is not found...

CVE-2022-43877 IBM UrbanCode Deploy (UCD) information disclosure

IBM UrbanCode Deploy UCD versions up to 7.3.0.1 could disclose sensitive password information during a manual edit of the agentrelay.properties file. IBM X-Force ID: 240148...

Design/Logic Flaw

The Hawk Console component of TIBCO Software Inc.'s TIBCO Hawk and TIBCO Operational Intelligence Hawk RedTail contains a vulnerability that will return the EMS transport password and EMS SSL password to a privileged user. Affected releases are TIBCO Software Inc.'s TIBCO Hawk: versions 6.1.0...

Moderate: Red Hat Security Advisory: ovirt-engine-metrics security, bug fix, and enhancement update

An update for ovirt-engine-metrics is now available for Red Hat Virtualization Engine 4.3. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

ovirt-engine-metrics: disclosure of sensitive passwords in log files and ansible playbooks

Sensitive passwords used in deployment and configuration of oVirt Metrics, all versions. were found to be insufficiently protected. Passwords could be disclosed in log files if playbooks are run with -v or in playbooks stored on Metrics or Bastion hosts...

CVE-2019-10194

Sensitive passwords used in deployment and configuration of oVirt Metrics, all versions. were found to be insufficiently protected. Passwords could be disclosed in log files if playbooks are run with -v or in playbooks stored on Metrics or Bastion hosts...

NetApp Clustered Data ONTAP Password Disclosure Vulnerability

NetApp Clustered Data ONTAP is a set of storage operating system for clustered mode from American NetApp. The system supports users to enhance the performance of enterprise applications and improve data center flexibility and so on. A security vulnerability exists in NetApp Clustered Data ONTAP. ...

Nextcloud: bug reporting template encourages users to paste config file with passwords

The dangerous bug reporting template ============================= The github bug reporting template for nextcloud's server and some apps contains this: The content of config/config.php: If you have access to your command line run e.g.: sudo -u www-data php occ config:list system from within your...

CVE-2016-3724

Jenkins before 2.3 and LTS before 1.651.2 allow remote authenticated users with extended read access to obtain sensitive password information by reading a job configuration...

Weak Bank Password Policies Leave 350 Million Vulnerable, Say Researchers

Should passwords that protect your financial data be less secure than the ones used to lock up selfies, cat videos and tweets swapped on social networks? In a study that looked at the password strength required to access website account for Wells Fargo, Capital One and 15 other banks, researchers...

Information disclosure

Eucalyptus 3.0.0 through 4.0.1, when the log level is set to DEBUG or lower, logs user and system passwords, which allows local users to obtain sensitive information by reading the cloud log files...

CVE-2012-3310

IBM Tivoli Federated Identity Manager TFIM before 6.1.1.14, 6.2.0 before 6.2.0.12, and 6.2.1 before 6.2.1.4 allows context-dependent attackers to discover 1 a cleartext LDAP Bind Password, 2 keystore passwords, 3 a cleartext Basic Authentication password from a client, or 4 a cleartext user...

CVE-1999-1188

mysqld in MySQL 3.21 creates log files with world-readable permissions, which allows local users to obtain passwords for users who are added to the user database...