Index
Bugtraq
Pełna lista
Błędy
Sztuczki
Exploity
Dorks list
Tylko z CVE
Tylko z CWE
Bogus
Ranking
CVEMAP
Świeża lista CVE
Producenci
Produkty
Słownik CWE
Sprawdź nr. CVE
Sprawdź nr. CWE
Szukaj
W Bugtraq
W bazie CVE
Po autorze
Po nr. CVE
Po nr. CWE
Po producencie
Po produkcie
RSS
Bugtraq
CVEMAP
CVE Produkty
Tylko Błędy
Tylko Exploity
Tylko Dorks
Więcej
cIFrex
Facebook
Twitter
Donate
O bazie
Lang
Polish
English
Submit
CWE
:
Tytuł
Data
Autor
Med.
OX App Suite SSRF / Resource Consumption / Command Injection
22.06.2023
Mehmet Ince
Common Weakness Enumeration (CWE)
CVE
Szczegóły
Opis
2024-01-30
CVE-2024-22193
Updating...
The vantage6 technology enables to manage and deploy privacy enhancing technologies like Federated Learning (FL) and Multi-Party Computation (MPC). There are no checks on whether the input is encrypted if a task is created in an encrypted collaboration. Therefore, a user may accidentally create a task with sensitive input data that will then be stored unencrypted in a database. Users should ensure they set the encryption setting correctly. This vulnerability is patched in 4.2.0.
2023-12-14
CVE-2023-45182
Updating...
IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 is vulnerable to having its key for an encrypted password decoded. By somehow gaining access to the encrypted password, a local attacker could exploit this vulnerability to obtain the password to other systems. IBM X-Force ID: 268265.
2023-09-19
CVE-2023-32184
Updating...
A Insecure Storage of Sensitive Information vulnerability in openSUSE opensuse-welcome allows local attackers to execute code as the user that runs opensuse-welcome if a custom layout is chosen This issue affects opensuse-welcome: from 0.1 before 0.1.9+git.35.4b9444a.
2023-09-18
CVE-2023-41965
Updating...
** UNSUPPPORTED WHEN ASSIGNED ** Sending some requests in the web application of the vulnerable device allows information to be obtained due to the lack of security in the authentication process.
2023-09-12
CVE-2023-40728
Updating...
A vulnerability has been identified in QMS Automotive (All versions < V12.39). The QMS.Mobile module of the affected application stores sensitive application data in an external insecure storage. This could allow an attacker to alter content, leading to arbitrary code execution or denial-of-service condition.
2023-04-16
CVE-2023-22687
Updating...
Insecure Storage of Sensitive Information vulnerability in Jose Mortellaro Freesoul Deactivate Plugins �?? Plugin manager and cleanup plugin <= 1.9.4.0 versions.
2023-01-14
CVE-2022-2815
Updating...
Insecure Storage of Sensitive Information in GitHub repository publify/publify prior to 9.2.10.
2023-01-10
CVE-2023-22469
Updating...
Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. When getting the reference preview for Deck cards the user has no access to, unauthorized user could eventually get the cached data of a user that has access. There are currently no known workarounds. It is recommended that the Nextcloud app Deck is upgraded to 1.8.2.
2022-08-19
CVE-2022-1021
Updating...
Insecure Storage of Sensitive Information in GitHub repository chatwoot/chatwoot prior to 2.6.0.
2022-06-07
Low
CVE-2022-30740
Vendor:
Samsung
Software:
Internet
Improper auto-fill algorithm in Samsung Internet prior to version 17.0.1.69 allows physical attackers to guess stored credit card numbers.
Copyright
2024
, cxsecurity.com
Back to Top
Polish
English