15 matches found
CVE-2022-42931
Logins saved by Firefox should be managed by the Password Manager component which uses encryption to save files on-disk. Instead, the username not password was saved by the Form Manager to an unencrypted file on disk. This vulnerability affects Firefox 106...
Beward Intercom 安全漏洞
Beward Intercom is an IP video intercom system from the Russian company Beward. A security vulnerability exists in Beward Intercom version 2.3.1, which stems from credentials being stored in plaintext in an unencrypted file, which could lead to credential disclosure...
Nextcloud Desktop Client 安全漏洞
Nextcloud Desktop Client is an open source file synchronization and sharing tool from Nextcloud GmbH. A security vulnerability exists in Nextcloud Desktop Client versions prior to 3.16.5, which stems from the unencrypted sending of file paths in an end-to-end encrypted directory, which could lead...
EUVD-2025-35164
All WorkExaminer Professional traffic between monitoring client, console and server is transmitted as plain text. This allows an attacker with access to the network to read the transmitted sensitive data. An attacker can also freely modify the data on the wire. The monitoring clients transmit the...
EUVD-2008-1435
Malware in sbrugna...
CVE-2022-42931
Logins saved by Firefox should be managed by the Password Manager component which uses encryption to save files on-disk. Instead, the username not password was saved by the Form Manager to an unencrypted file on disk. This vulnerability affects Firefox 106...
SmartFoxServer 2X 2.17.0 Credential Disclosure
SmartFoxServer 2X 2.17.0 Credentials Disclosure Vendor: gotoAndPlay Product web page: https://www.smartfoxserver.com Affected version: Server: 2.17.0 Remote Admin: 3.2.6 SmartFoxServer 2X, Pro, Basic Summary: SmartFoxServer SFS is a comprehensive SDK for rapidly developing multiplayer games and...
SmartFoxServer 2X 2.17.0 - Credentials Disclosure
Exploit Title: SmartFoxServer 2X 2.17.0 - Credentials Disclosure Date: 29.01.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.smartfoxserver.com SmartFoxServer 2X 2.17.0 Credentials Disclosure Vendor: gotoAndPlay Product web page: https://www.smartfoxserver.com Affected version: Serve...
BEWARD Intercom 2.3.1 - Credentials Disclosure Exploit
Exploit for windows platform in category local exploits !/usr/bin/env python -- coding: utf8 -- BEWARD Intercom 2.3.1 Credentials Disclosure Vendor: Beward R&D Co., Ltd Product web page: https://www.beward.net Affected version: 2.3.1.34471 2.3.0 2.2.11 2.2.10.5 2.2.9 2.2.8.9 2.2.7.4 Note: For...
BEWARD Intercom 2.3.1 Credentials Disclosure
Summary Multiaccessible User Operation, Electronic Lock Control, Real-Time Video, Two-Way Audio. The software is used for BEWARD IP video door stations control. Description The application stores logs and sensitive information in an unencrypted binary file called BEWARD.INTERCOM.FDB. A local...
Code injection
An issue was discovered in Moxa MiiNePort E1 versions prior to 1.8, E2 versions prior to 1.4, and E3 versions prior to 1.1. Configuration data are stored in a file that is not encrypted...
CVE-2008-2780
The Anubis aka Anubis+Ripe160 plugin before 1.3 for encrypt stores the unencrypted file's size in cleartext in the header of the encrypted file, which allows attackers to distinguish between encrypted data and random padding at the end of the encrypted file...
Design/Logic Flaw
The Anubis aka Anubis+Ripe160 plugin before 1.3 for encrypt stores the unencrypted file's size in cleartext in the header of the encrypted file, which allows attackers to distinguish between encrypted data and random padding at the end of the encrypted file...
CVE-2008-1431
RaidSonic NAS-4220-B with 2.6.0-n2007-10-11 firmware stores a partition encryption key in an unencrypted /system/.crypt file with base64 encoding, which allows local users to obtain the key...
DBTools DBManager catalog.mdb Plaintext Local Credential Disclosure
The remote host is running DBManager from DBTool - a GUI to manage MySQL and PostgreSQL databases. This program stores the passwords and IP addresses of the managed databases in an unencrypted file. A local attacker could use the data in this file to log into the managed databases and execute...