Index
Bugtraq
Pełna lista
Błędy
Sztuczki
Exploity
Dorks list
Tylko z CVE
Tylko z CWE
Bogus
Ranking
CVEMAP
Świeża lista CVE
Producenci
Produkty
Słownik CWE
Sprawdź nr. CVE
Sprawdź nr. CWE
Szukaj
W Bugtraq
W bazie CVE
Po autorze
Po nr. CVE
Po nr. CWE
Po producencie
Po produkcie
RSS
Bugtraq
CVEMAP
CVE Produkty
Tylko Błędy
Tylko Exploity
Tylko Dorks
Więcej
cIFrex
Facebook
Twitter
Donate
O bazie
Lang
Polish
English
Submit
CWE
:
Tytuł
Data
Autor
Med.
WIN-911 7.17.00 Insecure File Permissions / Plaintext Password Storage
07.09.2016
sh4d0wman
High
Easy Hosting Control Panel 0.37.9 Bypass / File Upload / Disclosure
31.03.2016
Kyle Lovett
High
Western Digital My Net Password Disclosure
02.08.2013
K Lovett
Common Weakness Enumeration (CWE)
CVE
Szczegóły
Opis
2024-04-25
CVE-2024-3622
Updating...
A flaw was found when using mirror-registry to install Quay. It uses a default secret, which is stored in plain-text format in one of the configuration template files. This issue may lead to all instances of Quay deployed using mirror-registry to have the same secret key. This flaw allows a malicious actor to craft session cookies and as a consequence, it may lead to gaining access to the affected Quay instance.
CVE-2024-3623
Updating...
A flaw was found when using mirror-registry to install Quay. It uses a default database secret key, which is stored in plain-text format in one of the configuration template files. This issue may lead to all instances of Quay deployed using mirror-registry to have the same database secret key. This flaw allows a malicious actor to access sensitive information from Quay's database.
CVE-2024-3624
Updating...
A flaw was found in how Quay's database is stored in plain-text in mirror-registry on the jinja's config.yaml file. This flaw allows a malicious actor with access to this file to gain access to Quay's database.
CVE-2024-3625
Updating...
A flaw was found in Quay, where Quay's database is stored in plain text in mirror-registry on Jinja's config.yaml file. This issue leaves the possibility of a malicious actor with access to this file to gain access to Quay's Redis instance.
2024-04-03
CVE-2024-28782
Updating...
IBM QRadar Suite Software 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores user credentials in plain clear text which can be read by an authenticated user. IBM X-Force ID: 285698.
2024-03-26
CVE-2024-25138
Updating...
In AutomationDirect C-MORE EA9 HMI, credentials used by the platform are stored as plain text on the device.
2024-02-08
CVE-2023-6518
Updating...
Plaintext Storage of a Password vulnerability in Mia Technology Inc. MIA-MED allows Read Sensitive Strings Within an Executable.This issue affects MIA-MED: before 1.0.7.
2023-10-25
CVE-2023-42493
Updating...
EisBaer Scada - CWE-256: Plaintext Storage of a Password
2023-09-18
CVE-2023-39452
Updating...
** UNSUPPPORTED WHEN ASSIGNED ** The web application that owns the device clearly stores the credentials within the user management section. Obtaining this information can be done remotely due to the incorrect management of the sessions in the web application.
2023-09-15
CVE-2023-4984
Updating...
A vulnerability was found in didi KnowSearch 0.3.2/0.3.1.2. It has been rated as problematic. This issue affects some unknown processing of the file /api/es/admin/v3/security/user/1. The manipulation leads to unprotected storage of credentials. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-239795.
Copyright
2024
, cxsecurity.com
Back to Top