RHCOS 3 : OpenShift Container Platform 3.11 (RHSA-2019:2817)

The remote Red Hat Enterprise Linux CoreOS 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:2817 advisory. - HTTP/2: flood using PING frames results in unbounded memory growth CVE-2019-9512 - HTTP/2: flood using HEADERS frames results in...

SODOLA SL902-SWTGW124AS 安全漏洞

SODOLA SL902-SWTGW124AS is an industrial switch manufactured by the Spanish company SODOLA. Versions of SODOLA SL902-SWTGW124AS prior to version 200.1.20 have security vulnerabilities. These vulnerabilities stem from the transmission of authentication credentials via unencrypted HTTP communicatio...

MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.272.b10-1.el7 (AXSA:2020-822:18)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-822:18 advisory. OpenJDK: Credentials sent over unencrypted LDAP connection JNDI, 8237990 CVE-2020-14781 OpenJDK: Certificate blacklist bypass via alternate certifica...

MiracleLinux 4 : java-1.8.0-openjdk-1.8.0.272.b10-0.AXS4 (AXSA:2020-821:17)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-821:17 advisory. OpenJDK: Credentials sent over unencrypted LDAP connection JNDI, 8237990 CVE-2020-14781 OpenJDK: Certificate blacklist bypass via alternate certifica...

CVE-2023-31300

An issue was discovered in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows remote attackers to obtain sensitive information via transmission of unencrypted, cleartext credentials during Password Reset feature...

CVE-2024-39278

Credentials to access device configuration information stored unencrypted in flash memory. These credentials would allow read-only access to network configuration information and terminal configuration data...

CVE-2019-25279

FaceSentry Access Control System 6.4.8 contains a cleartext password storage vulnerability that allows attackers to access unencrypted credentials in the device's SQLite database. Attackers can directly read sensitive login information stored in /faceGuard/database/FaceSentryWeb.sqlite without...

CVE-2019-16556

Jenkins Rundeck Plugin 3.6.5 and earlier stores credentials unencrypted in its global configuration file and in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

CVE-2019-16557

Jenkins Redgate SQL Change Automation Plugin 2.0.3 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

PT-2026-1677

Name of the Vulnerable Software and Affected Versions FaceSentry Access Control System version 6.4.8 Description The FaceSentry Access Control System stores passwords in cleartext within the device’s SQLite database. This allows attackers to access unencrypted credentials directly from the...

ROS-20251223-7320

Vulnerability in jenkins related to unencrypted storage of credentials. Exploitation of the vulnerability may allow an attacker to gain unauthorized access to protected information...

ROS-20251223-7319

Vulnerability in jenkins related to unencrypted storage of credentials. Exploitation of the vulnerability may allow an attacker to gain unauthorized access to protected information...

Cisco TelePresence Collaboration Endpoint and RoomOS Software Information Disclosure (cisco-sa-roomos-inf-disc-qGgsbxAm)

According to its self-reported version, Cisco TelePresence Collaboration Endpoint and RoomOS Software Information Disclosure is affected by a vulnerability. - A vulnerability in the logging component of Cisco TelePresence Collaboration Endpoint CE and Cisco RoomOS Software could allow an...

CVE-2025-20329

A vulnerability in the logging component of Cisco TelePresence Collaboration Endpoint CE and Cisco RoomOS Software could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. To exploit this vulnerability, the attacker must have valid...

EUVD-2025-34668

A vulnerability in the logging component of Cisco TelePresence Collaboration Endpoint CE and Cisco RoomOS Software could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. To exploit this vulnerability, the attacker must have valid...

CVE-2025-20329

A vulnerability in the logging component of Cisco TelePresence Collaboration Endpoint CE and Cisco RoomOS Software could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. To exploit this vulnerability, the attacker must have valid...

CVE-2025-20329 Cisco TelePresence Collaboration Endpoint and RoomOS Software Information Disclosure Vulnerability

A vulnerability in the logging component of Cisco TelePresence Collaboration Endpoint CE and Cisco RoomOS Software could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. To exploit this vulnerability, the attacker must have valid...

CVE-2025-20329 Cisco TelePresence Collaboration Endpoint and RoomOS Software Information Disclosure Vulnerability

A vulnerability in the logging component of Cisco TelePresence Collaboration Endpoint CE and Cisco RoomOS Software could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. To exploit this vulnerability, the attacker must have valid...

Cisco TelePresence Collaboration Endpoint and RoomOS Software Information Disclosure Vulnerability

A vulnerability in the logging component of Cisco TelePresence Collaboration Endpoint CE and Cisco RoomOS Software could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. To exploit this vulnerability, the attacker must have valid...

Cisco TelePresence Collaboration Endpoint Software 日志信息泄露漏洞

Cisco TelePresence Collaboration Endpoint Software is a suite of collaboration endpoint software from Cisco. A log information disclosure vulnerability exists in Cisco TelePresence Collaboration Endpoint Software, which stems from unencrypted credentials being stored when logging is enabled for t...