Total
986 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-3251 | 1 Tenable | 1 Nessus | 2024-02-28 | N/A | 4.9 MEDIUM |
| A pass-back vulnerability exists where an authenticated, remote attacker with administrator privileges could uncover stored SMTP credentials within the Nessus application.This issue affects Nessus: before 10.6.0. | |||||
| CVE-2023-44158 | 3 Acronis, Linux, Microsoft | 3 Cyber Protect, Linux Kernel, Windows | 2024-02-28 | N/A | 7.5 HIGH |
| Sensitive information disclosure due to insufficient token field masking. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979. | |||||
| CVE-2023-37951 | 1 Jenkins | 1 Mabl | 2024-02-28 | N/A | 6.5 MEDIUM |
| Jenkins mabl Plugin 0.0.46 and earlier does not set the appropriate context for credentials lookup, allowing attackers with Item/Configure permission to access and capture credentials they are not entitled to. | |||||
| CVE-2023-27315 | 1 Netapp | 1 Snapgathers | 2024-02-28 | N/A | 5.5 MEDIUM |
| SnapGathers versions prior to 4.9 are susceptible to a vulnerability which could allow a local authenticated attacker to discover plaintext domain user credentials | |||||
| CVE-2023-23370 | 1 Qnap | 1 Qvpn | 2024-02-28 | N/A | 4.4 MEDIUM |
| An insufficiently protected credentials vulnerability has been reported to affect QVPN Device Client. If exploited, the vulnerability could allow local authenticated administrators to gain access to user accounts and access sensitive data used by the user account via unspecified vectors. We have already fixed the vulnerability in the following version: QVPN Windows 2.1.0.0518 and later | |||||
| CVE-2023-40173 | 1 Fobybus | 1 Social-media-skeleton | 2024-02-28 | N/A | 7.5 HIGH |
| Social media skeleton is an uncompleted/framework social media project implemented using a php, css ,javascript and html. Prior to version 1.0.5 Social media skeleton did not properly salt passwords leaving user passwords susceptible to cracking should an attacker gain access to hashed passwords. This issue has been addressed in version 1.0.5 and users are advised to upgrade. There are no known workarounds for this issue. | |||||
| CVE-2023-36082 | 1 Gatesair | 2 Flexiva Fax 150w, Flexiva Fax 150w Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
| An isssue in GatesAIr Flexiva FM Transmitter/Exiter Fax 150W allows a remote attacker to gain privileges via the LDAP and SMTP credentials. | |||||
| CVE-2023-20965 | 1 Google | 1 Android | 2024-02-28 | N/A | 9.8 CRITICAL |
| In processMessageImpl of ClientModeImpl.java, there is a possible credential disclosure in the TOFU flow due to a logic error in the code. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-43777 | 1 Eaton | 1 Easysoft | 2024-02-28 | N/A | 6.5 MEDIUM |
| Eaton easySoft software is used to program easy controllers and displays for configuring, programming and defining parameters for all the intelligent relays. This software has a password protection functionality to secure the project file from unauthorized access. This password was being stored insecurely and could be retrieved by skilled adversaries. | |||||
| CVE-2023-46115 | 1 Tauri | 1 Tauri | 2024-02-28 | N/A | 5.5 MEDIUM |
| Tauri is a framework for building binaries for all major desktop platforms. This advisory is not describing a vulnerability in the Tauri code base itself but a commonly used misconfiguration which could lead to leaking of the private key and updater key password into bundled Tauri applications using the Vite frontend in a specific configuration. The Tauri documentation used an insecure example configuration in the `Vite guide` to showcase how to use Tauri together with Vite. Copying the following snippet `envPrefix: ['VITE_', 'TAURI_'],` from this guide into the `vite.config.ts` of a Tauri project leads to bundling the `TAURI_PRIVATE_KEY` and `TAURI_KEY_PASSWORD` into the Vite frontend code and therefore leaking this value to the released Tauri application. Using the `envPrefix: ['VITE_'],` or any other framework than Vite means you are not impacted by this advisory. Users are advised to rotate their updater private key if they are affected by this (requires Tauri CLI >=1.5.5). After updating the envPrefix configuration, generate a new private key with `tauri signer generate`, saving the new private key and updating the updater's `pubkey` value on `tauri.conf.json` with the new public key. To update your existing application, the next application build must be signed with the older private key in order to be accepted by the existing application. | |||||
| CVE-2023-25531 | 1 Nvidia | 2 Dgx H100, Dgx H100 Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
| NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause insufficient protection of credentials. A successful exploit of this vulnerability may lead to code execution, denial of service, information disclosure, and escalation of privileges. | |||||
| CVE-2023-43633 | 1 Lfedge | 1 Eve | 2024-02-28 | N/A | 8.8 HIGH |
| On boot, the Pillar eve container checks for the existence and content of “/config/GlobalConfig/global.json”. If the file exists, it overrides the existing configuration on the device on boot. This allows an attacker to change the system’s configuration, which also includes some debug functions. This could be used to unlock the ssh with custom “authorized_keys” via the “debug.enable.ssh” key, similar to the “authorized_keys” finding that was noted before. Other usages include unlocking the usb to enable the keyboard via the “debug.enable.usb” key, allowing VNC access via the “app.allow.vnc” key, and more. An attacker could easily enable these debug functionalities without triggering the “measured boot” mechanism implemented by EVE OS, and without marking the device as “UUD” (“Unknown Update Detected”). This is because the “/config” partition is not protected by “measured boot”, it is mutable and it is not encrypted in any way. An attacker can gain full control over the device without changing the PCR values, thereby not triggering the “measured boot” mechanism, and having full access to the vault. Note: This issue was partially fixed in these commits (after disclosure to Zededa), where the config partition measurement was added to PCR13: • aa3501d6c57206ced222c33aea15a9169d629141 • 5fef4d92e75838cc78010edaed5247dfbdae1889. This issue was made viable in version 9.0.0 when the calculation was moved to PCR14 but it was not included in the measured boot. | |||||
| CVE-2023-25760 | 1 Uniguest | 1 Tripleplay | 2024-02-28 | N/A | 8.8 HIGH |
| Incorrect Access Control in Tripleplay Platform releases prior to Caveman 3.4.0 allows authenticated user to modify other users passwords via a crafted request payload | |||||
| CVE-2023-28088 | 1 Hp | 1 Oneview | 2024-02-28 | N/A | 7.8 HIGH |
| An HPE OneView appliance dump may expose SAN switch administrative credentials | |||||
| CVE-2023-36476 | 1 Nixos | 1 Calamares-nixos-extensions | 2024-02-28 | N/A | 5.5 MEDIUM |
| calamares-nixos-extensions provides Calamares branding and modules for NixOS, a distribution of GNU/Linux. Users of calamares-nixos-extensions version 0.3.12 and prior who installed NixOS through the graphical calamares installer, with an unencrypted `/boot`, on either non-UEFI systems or with a LUKS partition different from `/` have their LUKS key file in `/boot` as a plaintext CPIO archive attached to their NixOS initrd. A patch is available and anticipated to be part of version 0.3.13 to backport to NixOS 22.11, 23.05, and unstable channels. Expert users who have a copy of their data may, as a workaround, re-encrypt the LUKS partition(s) themselves. | |||||
| CVE-2023-28857 | 1 Apereo | 1 Central Authentication Service | 2024-02-28 | N/A | 7.5 HIGH |
| Apereo CAS is an open source multilingual single sign-on solution for the web. Apereo CAS can be configured to use authentication based on client X509 certificates. These certificates can be provided via TLS handshake or a special HTTP header, such as “ssl_client_cert”. When checking the validity of the provided client certificate, X509CredentialsAuthenticationHandler performs check that this certificate is not revoked. To do so, it fetches URLs provided in the “CRL Distribution Points” extension of the certificate, which are taken from the certificate itself and therefore can be controlled by a malicious user. If the CAS server is configured to use an LDAP server for x509 authentication with a password, for example by setting a “cas.authn.x509.ldap.ldap-url” and “cas.authn.x509.ldap.bind-credential” properties, X509CredentialsAuthenticationHandler fetches revocation URLs from the certificate, which can be LDAP urls. When making requests to this LDAP urls, Apereo CAS uses the same password as for initially configured LDAP server, which can lead to a password leak. An unauthenticated user can leak the password used to LDAP connection configured on server. This issue has been addressed in version 6.6.6. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2023-31187 | 1 Avaya | 1 Ix Workforce Engagement | 2024-02-28 | N/A | 6.5 MEDIUM |
| Avaya IX Workforce Engagement v15.2.7.1195 - CWE-522: Insufficiently Protected Credentials | |||||
| CVE-2023-33263 | 1 Wftpd Project | 1 Wftpd | 2024-02-28 | N/A | 7.5 HIGH |
| In WFTPD 3.25, usernames and password hashes are stored in an openly viewable wftpd.ini configuration file within the WFTPD directory. NOTE: this is a product from 2006. | |||||
| CVE-2023-26204 | 1 Fortinet | 1 Fortisiem | 2024-02-28 | N/A | 9.8 CRITICAL |
| A plaintext storage of a password vulnerability [CWE-256] in FortiSIEM 6.7 all versions, 6.6 all versions, 6.5 all versions, 6.4 all versions, 6.3 all versions, 6.2 all versions, 6.1 all versions, 5.4 all versions, 5.3 all versions may allow an attacker able to access user DB content to impersonate any admin user on the device GUI. | |||||
| CVE-2023-32687 | 1 Tgstation13 | 1 Tgstation-server | 2024-02-28 | N/A | 6.5 MEDIUM |
| tgstation-server is a toolset to manage production BYOND servers. Starting in version 4.7.0 and prior to 5.12.1, instance users with the list chat bots permission can read chat bot connections strings without the associated permission. This issue is patched in version 5.12.1. As a workaround, remove the list chat bots permission from users that should not have the ability to view connection strings. Invalidate any credentials previously stored for safety. | |||||