Lucene search
K

19 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-22163

Malware in sbrugna...

7.5CVSS7.5AI score0.01016EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2002-0232

Malware in sbrugna...

7.5CVSS6.4AI score0.01316EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2015-5163

Malware in sbrugna...

8.1CVSS8.2AI score0.01514EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-21857

Malware in sbrugna...

6.7CVSS6.6AI score0.00164EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-2359

Malicious code in bioql PyPI...

5.9CVSS5.9AI score0.00282EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-59634

Malicious code in bioql PyPI...

5.3CVSS6.6AI score0.0008EPSS
Exploits0References1
CVE
CVE
added 2025/07/09 6:30 p.m.22 views

CVE-2025-36599

Summary: Dell PowerFlex Manager VM (Dell PowerFlex Manager VM) versions before 4.6.2.1 are affected by an insertion of sensitive information into log files. A low-privileged, remote attacker could exploit this to disclose user credentials and potentially access the system with the compromised acc...

6.5CVSS6.4AI score0.00238EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/06/11 12:0 a.m.4 views

PT-2025-26164 · D Link · D-Link Dph-400S/Se Voip Phone

Name of the Vulnerable Software and Affected Versions: D-Link DPH-400S/SE VoIP Phone version 1.01 Description: The issue concerns hardcoded provisioning variables, including PROVIS USER PASSWORD, which may expose sensitive user credentials. An attacker with access to the firmware image can extrac...

10CVSS6.1AI score0.00489EPSS
Exploits1References12
RedhatCVE
RedhatCVE
added 2025/05/23 6:24 a.m.9 views

CVE-2024-42056

Retool self-hosted enterprise through 3.40.0 inserts resource authentication credentials into sent data. Credentials for users with "Use" permissions can be discovered by an authenticated attacker via the /api/resources endpoint. The earliest affected version is 3.18.1...

6.5CVSS6.6AI score0.00212EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:27 p.m.7 views

CVE-2022-23178

An issue was discovered on Crestron HD-MD4X2-4K-E 1.0.0.2159 devices. When the administrative web interface of the HDMI switcher is accessed unauthenticated, user credentials are disclosed that are valid to authenticate to the web interface. Specifically, aj.html sends a JSON document with uname...

10CVSS6.8AI score0.75711EPSS
Exploits5References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:3 a.m.8 views

CVE-2019-13100

The Send Anywhere application 9.4.18 for Android stores confidential information insecurely on the system i.e., in cleartext, which allows a non-root user to find out the username/password of a valid user via /data/data/com.estmob.android.sendanywhere/sharedprefs/sendanywheredevice.xml...

6.5CVSS6.6AI score0.00754EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/04/16 12:0 a.m.12 views

Mozilla Thunderbird < 137.0.2

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 137.0.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-26 advisory. - When an email contains multiple attachments with external links via the...

6.4CVSS6.8AI score0.00313EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/01/24 6:54 p.m.56 views

CVE-2025-24363 The HL7 FHIR IG publisher may potentially expose GitHub repo user and credential information

The HL7 FHIR IG publisher is a tool to take a set of inputs and create a standard FHIR IG. Prior to version 1.8.9, in CI contexts, the IG Publisher CLI uses git commands to determine the URL of the originating repo. If the repo was cloned, or otherwise set to use a repo that uses a username and...

4.2CVSS0.00176EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/04/12 12:0 a.m.5 views

PT-2022-3559 · Aethon · Aethon Tug Home Base Server

Name of the Vulnerable Software and Affected Versions: Aethon TUG Home Base Server versions prior to version 24 Description: The issue is related to the lack of input data sanitization in the "Загрузки" component of the TUG Home Base Server, which can lead to a remote attacker conducting a...

9CVSS6AI score0.00567EPSS
Exploits0References4
CVE
CVE
added 2018/01/24 10:0 p.m.70 views

CVE-2017-1000474

The CVE refers to Soyket Chowdhury Vehicle Sales Management System (VSMS) v2017-07-30 with multiple vulnerabilities in login scripts (vehicle.php, profile.php, Actions.php, manage_employee.php, sell.php) enabling SQL Injection and Stored XSS that can lead to remote code execution. Connected data ...

9.8CVSS9.6AI score0.02127EPSS
Exploits4References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2004/02/21 12:0 a.m.42 views

X-News Password MD5 Hash Authentication Bypass

X-News is a news management system, written in PHP. X-News uses a flat-file database to store information. It will run on most Unix and Linux variants, as well as Microsoft Windows operating systems. X-News stores user ids and passwords, as MD5 hashes, in a world- readable file, 'db/users.txt'...

7.5CVSS5.5AI score0.08051EPSS
Exploits1References2
exploitpack
exploitpack
added 2003/10/01 12:0 a.m.33 views

DCP-Portal 5.5 - advertiser.php?Password SQL Injection

DCP-Portal 5.5 - advertiser.php?Password SQL Injection source: https://www.securityfocus.com/bid/8739/info Multiple SQL Injection vulnerabilities have been discovered that affect DCP-Portal scripts. These issues are likely due to a lack of sufficient sanitization performed on user supplied URI...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2002/11/07 12:0 a.m.35 views

CuteCast 1.2 - User Credential Disclosure

source: https://www.securityfocus.com/bid/6127/info It has been reported that the default configuration of CuteCast is insecure. According to the report, CuteCast stores user information in a publicly accessible directory. This includes plaintext credentials...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2002/10/08 12:0 a.m.30 views

SurfControl SuperScout Email Filter 3.5 - User Credential Disclosure

source: https://www.securityfocus.com/bid/5929/info SurfControl SuperScout Email Filter comes with a web-based interface to provide remote access to administrative facilities. One of the files userlist.asp that comes with the web interface contains a listing of administrative usernames/passwords...

7.4AI score
Exploits0
Rows per page
Query Builder