CWE:
 

Tytuł
Data
Autor
Med.
OX App Suite SSRF / Resource Consumption / Command Injection
22.06.2023
Mehmet Ince


Common Weakness Enumeration (CWE)

CVE
Szczegóły
Opis
2024-10-16
Waiting for details
CVE-2023-32191

Updating...
 

 
When RKE provisions a cluster, it stores the cluster state in a configmap called `full-cluster-state` inside the `kube-system` namespace of the cluster itself. The information available in there allows non-admin users to escalate to admin.

 
2024-09-26
Waiting for details
CVE-2024-43694

Updating...
 

 
In the goTenna Pro ATAK Plugin application, the encryption keys are stored along with a static IV on the device. This allows for complete decryption of keys stored on the device. This allows an attacker to decrypt all encrypted broadcast communications based on broadcast keys stored on the device.

 
Waiting for details
CVE-2024-47122

Updating...
 

 
In the goTenna Pro application, the encryption keys are stored along with a static IV on the device. This allows for complete decryption of keys stored on the device. This allows an attacker to decrypt all encrypted communications that include P2P, Group, and broadcast messages that use these keys.

 
2024-05-17
Waiting for details
CVE-2022-44581

Updating...
 

 
Insecure Storage of Sensitive Information vulnerability in WPMU DEV Defender Security allows : Screen Temporary Files for Sensitive Information.This issue affects Defender Security: from n/a through 3.3.2.

 
2024-01-30
Waiting for details
CVE-2024-22193

Updating...
 

 
The vantage6 technology enables to manage and deploy privacy enhancing technologies like Federated Learning (FL) and Multi-Party Computation (MPC). There are no checks on whether the input is encrypted if a task is created in an encrypted collaboration. Therefore, a user may accidentally create a task with sensitive input data that will then be stored unencrypted in a database. Users should ensure they set the encryption setting correctly. This vulnerability is patched in 4.2.0.

 
2023-12-14
Waiting for details
CVE-2023-45182

Updating...
 

 
IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 is vulnerable to having its key for an encrypted password decoded. By somehow gaining access to the encrypted password, a local attacker could exploit this vulnerability to obtain the password to other systems. IBM X-Force ID: 268265.

 
2023-09-19
Waiting for details
CVE-2023-32184

Updating...
 

 
A Insecure Storage of Sensitive Information vulnerability in openSUSE opensuse-welcome allows local attackers to execute code as the user that runs opensuse-welcome if a custom layout is chosen This issue affects opensuse-welcome: from 0.1 before 0.1.9+git.35.4b9444a.

 
2023-09-18
Waiting for details
CVE-2023-41965

Updating...
 

 
** UNSUPPPORTED WHEN ASSIGNED ** Sending some requests in the web application of the vulnerable device allows information to be obtained due to the lack of security in the authentication process.

 
2023-09-12
Waiting for details
CVE-2023-40728

Updating...
 

 
A vulnerability has been identified in QMS Automotive (All versions < V12.39). The QMS.Mobile module of the affected application stores sensitive application data in an external insecure storage. This could allow an attacker to alter content, leading to arbitrary code execution or denial-of-service condition.

 
2023-04-16
Waiting for details
CVE-2023-22687

Updating...
 

 
Insecure Storage of Sensitive Information vulnerability in Jose Mortellaro Freesoul Deactivate Plugins �?? Plugin manager and cleanup plugin <= 1.9.4.0 versions.

 

 


Copyright 2024, cxsecurity.com

 

Back to Top