Total
728 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-4861 | 1 Thycotic | 1 Secret Server | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The Remote Desktop Launcher in Thycotic Secret Server before 8.6.000010 does not properly cleanup a temporary file that contains an encrypted password once a session has ended. | |||||
| CVE-2014-1835 | 1 Echor Project | 1 Echor | 2024-11-21 | 2.1 LOW | 7.8 HIGH |
| The perform_request function in /lib/echor/backplane.rb in echor 0.1.6 Ruby Gem allows local users to steal the login credentials by watching the process table. | |||||
| CVE-2014-0872 | 1 Ibm | 1 Security Key Lifecycle Manager | 2024-11-21 | 1.5 LOW | 4.1 MEDIUM |
| The installation process in IBM Security Key Lifecycle Manager 2.5 stores unencrypted credentials, which might allow local users to obtain sensitive information by leveraging root access. IBM X-Force ID: 90988. | |||||
| CVE-2013-5461 | 1 Ibm | 2 Endpoint Manager For Remote Control, Tivoli Remote Control | 2024-11-21 | 4.0 MEDIUM | 8.8 HIGH |
| IBM Endpoint Manager for Remote Control 9.0.0 and 9.0.1 and Tivoli Remote Control 5.1.2 store multiple hashes of partial passwords, which makes it easier for remote attackers to decrypt passwords by leveraging access to the hashes. IBM X-Force ID: 88309. | |||||
| CVE-2013-2951 | 1 Ibm | 1 Websphere Portal | 2024-11-21 | 2.1 LOW | 7.8 HIGH |
| IBM WebSphere Portal 7.0.0.x and 8.0.0.x write passwords to a trace file when tracing is enabled for the Selfcare Portlet (Profile Management), which allows local users to obtain sensitive information by reading the file. IBM X-Force ID: 83621. | |||||
| CVE-2008-7320 | 1 Gnome | 1 Seahorse | 2024-11-21 | 2.1 LOW | 6.8 MEDIUM |
| GNOME Seahorse through 3.30 allows physically proximate attackers to read plaintext passwords by using the quickAllow dialog at an unattended workstation, if the keyring is unlocked. NOTE: this is disputed by a software maintainer because the behavior represents a design decision | |||||
| CVE-2003-1605 | 1 Haxx | 1 Curl | 2024-11-20 | 5.0 MEDIUM | 7.5 HIGH |
| curl 7.x before 7.10.7 sends CONNECT proxy credentials to the remote server. | |||||
| CVE-2008-1271 | 2024-04-16 | N/A | N/A | ||
| Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-1218. Reason: This candidate is a duplicate of CVE-2008-1218. Notes: All CVE users should reference CVE-2008-1218 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | |||||