Index
Bugtraq
Pełna lista
Błędy
Sztuczki
Exploity
Dorks list
Tylko z CVE
Tylko z CWE
Bogus
Ranking
CVEMAP
Świeża lista CVE
Producenci
Produkty
Słownik CWE
Sprawdź nr. CVE
Sprawdź nr. CWE
Szukaj
W Bugtraq
W bazie CVE
Po autorze
Po nr. CVE
Po nr. CWE
Po producencie
Po produkcie
RSS
Bugtraq
CVEMAP
CVE Produkty
Tylko Błędy
Tylko Exploity
Tylko Dorks
Więcej
cIFrex
Facebook
Twitter
Donate
O bazie
Lang
Polish
English
Submit
CWE
:
Tytuł
Data
Autor
Low
Polar Flow Android 5.7.1 Secret Disclosure
20.08.2022
Karima Hebbal
High
SmartFoxServer 2X 2.17.0 Credential Disclosure
08.02.2021
LiquidWorm
Med.
URVE Software Build 24.03.2020 Information Disclosure
30.12.2020
Erik Steltzner
High
Brickcom 100ap Series Authentication Bypass / CSRF
13.06.2013
Eliezer Varade Lopez
Common Weakness Enumeration (CWE)
CVE
Szczegóły
Opis
2024-09-30
CVE-2024-8459
Updating...
Certain switch models from PLANET Technology store SNMPv3 users' passwords in plaintext within the configuration files, allowing remote attackers with administrator privileges to read the file and obtain the credentials.
2024-09-26
CVE-2024-7259
Updating...
A flaw was found in oVirt. A user with administrator privileges, including users with the ReadOnlyAdmin permission, may be able to use browser developer tools to view Provider passwords in cleartext.
2024-09-19
CVE-2024-45862
Updating...
Kastle Systems firmware prior to May 1, 2024, stored machine credentials in cleartext, which may allow an attacker to access sensitive information.
2024-08-02
CVE-2024-38877
Updating...
A vulnerability has been identified in Omnivise T3000 Application Server (All versions), Omnivise T3000 Domain Controller (All versions), Omnivise T3000 Network Intrusion Detection System (NIDS) (All versions), Omnivise T3000 Product Data Management (PDM) (All versions), Omnivise T3000 Security Server (All versions), Omnivise T3000 Terminal Server (All versions), Omnivise T3000 Thin Client (All versions), Omnivise T3000 Whitelisting Server (All versions). The affected devices stores initial system credentials without sufficient protection. An attacker with remote shell access or physical access could retrieve the credentials leading to confidentiality loss allowing the attacker to laterally move within the affected network.
2024-07-10
CVE-2024-25023
Updating...
IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0 through 1.10.22.0 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 281429.
2024-05-14
CVE-2024-4840
Updating...
An flaw was found in the OpenStack Platform (RHOSP) director, a toolset for installing and managing a complete RHOSP environment. Plaintext passwords may be stored in log files, which can expose sensitive information to anyone with access to the logs.
CVE-2024-31486
Updating...
A vulnerability has been identified in OPUPI0 AMQP/MQTT (All versions < V5.30). The affected devices stores MQTT client passwords without sufficient protection on the devices. An attacker with remote shell access or physical access could retrieve the credentials leading to confidentiality loss.
2024-04-26
CVE-2024-4235
Updating...
A vulnerability classified as problematic was found in Netgear DG834Gv5 1.6.01.34. This vulnerability affects unknown code of the component Web Management Interface. The manipulation leads to cleartext storage of sensitive information. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-262126 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
2024-04-19
CVE-2023-37396
Updating...
IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information due to improper encryption of certain data. IBM X-Force ID: 259671.
2024-04-18
CVE-2024-3742
Updating...
Electrolink transmitters store credentials in clear-text. Use of these credentials could allow an attacker to access the system.
Copyright
2024
, cxsecurity.com
Back to Top