Total
1210 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-6791 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | 4.9 Medium |
| A credential disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to obtain the plaintext credentials of stored external system integrations such as LDAP, SCP, RADIUS, TACACS+, and SNMP from the web interface. | ||||
| CVE-2023-6573 | 1 Hp | 1 Oneview | 2024-11-21 | 5.5 Medium |
| HPE OneView may have a missing passphrase during restore. | ||||
| CVE-2023-6254 | 1 Otrs | 1 Otrs | 2024-11-21 | 8.1 High |
| A Vulnerability in OTRS AgentInterface and ExternalInterface allows the reading of plain text passwords which are send back to the client in the server response- This issue affects OTRS: from 8.0.X through 8.0.37. | ||||
| CVE-2023-5552 | 1 Sophos | 1 Firewall | 2024-11-21 | 7.1 High |
| A password disclosure vulnerability in the Secure PDF eXchange (SPX) feature allows attackers with full email access to decrypt PDFs in Sophos Firewall version 19.5 MR3 (19.5.3) and older, if the password type is set to “Specified by sender”. | ||||
| CVE-2023-50311 | 1 Ibm | 1 Cics Transaction Gateway | 2024-11-21 | 3.1 Low |
| IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 could disclose sensitive path information to an attacker that could reveal through debugging or error messages. | ||||
| CVE-2023-4328 | 2 Broadcom, Linux | 2 Raid Controller Web Interface, Linux Kernel | 2024-11-21 | 5.5 Medium |
| Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Windows | ||||
| CVE-2023-4327 | 2 Broadcom, Linux | 2 Raid Controller Web Interface, Linux Kernel | 2024-11-21 | 5.5 Medium |
| Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Linux | ||||
| CVE-2023-49106 | 3 Hitachi, Linux, Microsoft | 3 Device Manager, Linux Kernel, Windows | 2024-11-21 | 4.6 Medium |
| Missing Password Field Masking vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Agent component).This issue affects Hitachi Device Manager: before 8.8.5-04. | ||||
| CVE-2023-47741 | 1 Ibm | 2 Db2 Mirror For I, I | 2024-11-21 | 5.3 Medium |
| IBM i 7.3, 7.4, 7.5, IBM i Db2 Mirror for i 7.4 and 7.5 web browser clients may leave clear-text passwords in browser memory that can be viewed using common browser tools before the memory is garbage collected. A malicious actor with access to the victim's PC could exploit this vulnerability to gain access to the IBM i operating system. IBM X-Force ID: 272532. | ||||
| CVE-2023-47722 | 1 Ibm | 1 Api Connect | 2024-11-21 | 6.2 Medium |
| IBM API Connect V10.0.5.3 and V10.0.6.0 stores user credentials in browser cache which can be read by a local user. IBM X-Force ID: 271912. | ||||
| CVE-2023-47577 | 1 Relyum | 4 Rely-pcie, Rely-pcie Firmware, Rely-rec and 1 more | 2024-11-21 | 9.8 Critical |
| An issue discovered in Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 allows for unauthorized password changes due to no check for current password. | ||||
| CVE-2023-46651 | 1 Jenkins | 1 Warnings | 2024-11-21 | 6.5 Medium |
| Jenkins Warnings Plugin 10.5.0 and earlier does not set the appropriate context for credentials lookup, allowing attackers with Item/Configure permission to access and capture credentials they are not entitled to. This fix has been backported to 10.4.1. | ||||
| CVE-2023-46115 | 1 Tauri | 1 Tauri | 2024-11-21 | 8.4 High |
| Tauri is a framework for building binaries for all major desktop platforms. This advisory is not describing a vulnerability in the Tauri code base itself but a commonly used misconfiguration which could lead to leaking of the private key and updater key password into bundled Tauri applications using the Vite frontend in a specific configuration. The Tauri documentation used an insecure example configuration in the `Vite guide` to showcase how to use Tauri together with Vite. Copying the following snippet `envPrefix: ['VITE_', 'TAURI_'],` from this guide into the `vite.config.ts` of a Tauri project leads to bundling the `TAURI_PRIVATE_KEY` and `TAURI_KEY_PASSWORD` into the Vite frontend code and therefore leaking this value to the released Tauri application. Using the `envPrefix: ['VITE_'],` or any other framework than Vite means you are not impacted by this advisory. Users are advised to rotate their updater private key if they are affected by this (requires Tauri CLI >=1.5.5). After updating the envPrefix configuration, generate a new private key with `tauri signer generate`, saving the new private key and updating the updater's `pubkey` value on `tauri.conf.json` with the new public key. To update your existing application, the next application build must be signed with the older private key in order to be accepted by the existing application. | ||||
| CVE-2023-44303 | 1 Robware | 1 Rvtools | 2024-11-21 | 7.5 High |
| RVTools, Version 3.9.2 and above, contain a sensitive data exposure vulnerability in the password encryption utility (RVToolsPasswordEncryption.exe) and main application (RVTools.exe). A remote unauthenticated attacker with access to stored encrypted passwords from a users' system could potentially exploit this vulnerability, leading to the disclosure of encrypted passwords in clear text. This vulnerability is caused by an incomplete fix for CVE-2020-27688. | ||||
| CVE-2023-44300 | 1 Dell | 2 Powerprotect Data Manager Dm5500, Powerprotect Data Manager Dm5500 Firmware | 2024-11-21 | 5.5 Medium |
| Dell DM5500 5.14.0.0, contain a Plain-text Password Storage Vulnerability in the appliance. A local attacker with privileges could potentially exploit this vulnerability, leading to the disclosure of certain service credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account. | ||||
| CVE-2023-44158 | 3 Acronis, Linux, Microsoft | 3 Cyber Protect, Linux Kernel, Windows | 2024-11-21 | 7.5 High |
| Sensitive information disclosure due to insufficient token field masking. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979. | ||||
| CVE-2023-43905 | 1 Writercms | 1 Writercms | 2024-11-21 | 7.5 High |
| Incorrect access control in writercms v1.1.0 allows attackers to directly obtain backend account passwords via unspecified vectors. | ||||
| CVE-2023-43777 | 1 Eaton | 1 Easysoft | 2024-11-21 | 5.9 Medium |
| Eaton easySoft software is used to program easy controllers and displays for configuring, programming and defining parameters for all the intelligent relays. This software has a password protection functionality to secure the project file from unauthorized access. This password was being stored insecurely and could be retrieved by skilled adversaries. | ||||
| CVE-2023-43635 | 1 Linuxfoundation | 1 Edge Virtualization Engine | 2024-11-21 | 8.8 High |
| Vault Key Sealed With SHA1 PCRs The measured boot solution implemented in EVE OS leans on a PCR locking mechanism. Different parts of the system update different PCR values in the TPM, resulting in a unique value for each PCR entry. These PCRs are then used in order to seal/unseal a key from the TPM which is used to encrypt/decrypt the “vault” directory. This “vault” directory is the most sensitive point in the system and as such, its content should be protected. This mechanism is noted in Zededa’s documentation as the “measured boot” mechanism, designed to protect said “vault”. The code that’s responsible for generating and fetching the key from the TPM assumes that SHA256 PCRs are used in order to seal/unseal the key, and as such their presence is being checked. The issue here is that the key is not sealed using SHA256 PCRs, but using SHA1 PCRs. This leads to several issues: • Machines that have their SHA256 PCRs enabled but SHA1 PCRs disabled, as well as not sealing their keys at all, meaning the “vault” is not protected from an attacker. • SHA1 is considered insecure and reduces the complexity level required to unseal the key in machines which have their SHA1 PCRs enabled. An attacker can very easily retrieve the contents of the “vault”, which will effectively render the “measured boot” mechanism meaningless. | ||||
| CVE-2023-43634 | 1 Lfedge | 1 Eve | 2024-11-21 | 8.8 High |
| When sealing/unsealing the “vault” key, a list of PCRs is used, which defines which PCRs are used. In a previous project, CYMOTIVE found that the configuration is not protected by the secure boot, and in response Zededa implemented measurements on the config partition that was mapped to PCR 13. In that process, PCR 13 was added to the list of PCRs that seal/unseal the key. In commit “56e589749c6ff58ded862d39535d43253b249acf”, the config partition measurement moved from PCR 13 to PCR 14, but PCR 14 was not added to the list of PCRs that seal/unseal the key. This change makes the measurement of PCR 14 effectively redundant as it would not affect the sealing/unsealing of the key. An attacker could modify the config partition without triggering the measured boot, this could result in the attacker gaining full control over the device with full access to the contents of the encrypted “vault” | ||||