Total
570 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2021-27175 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2024-08-03 | 7.5 High |
An issue was discovered on FiberHome HG6245D devices through RP2613. wifictl_2g.cfg has cleartext passwords and 0644 permissions. | ||||
CVE-2021-27176 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2024-08-03 | 7.5 High |
An issue was discovered on FiberHome HG6245D devices through RP2613. wifictl_5g.cfg has cleartext passwords and 0644 permissions. | ||||
CVE-2021-27178 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2024-08-03 | 7.5 High |
An issue was discovered on FiberHome HG6245D devices through RP2613. Some passwords are stored in cleartext in nvram. | ||||
CVE-2021-27174 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2024-08-03 | 7.5 High |
An issue was discovered on FiberHome HG6245D devices through RP2613. wifi_custom.cfg has cleartext passwords and 0644 permissions. | ||||
CVE-2021-27210 | 1 Tp-link | 2 Archer C5v, Archer C5v Firmware | 2024-08-03 | 6.5 Medium |
TP-Link Archer C5v 1.7_181221 devices allows remote attackers to retrieve cleartext credentials via [USER_CFG#0,0,0,0,0,0#0,0,0,0,0,0]0,0 to the /cgi?1&5 URI. | ||||
CVE-2021-27204 | 2 Apple, Telegram | 2 Macos, Telegram | 2024-08-03 | 5.5 Medium |
Telegram before 7.4 (212543) Stable on macOS stores the local passcode in cleartext, leading to information disclosure. | ||||
CVE-2021-27205 | 2 Apple, Telegram | 2 Macos, Telegram | 2024-08-03 | 5.5 Medium |
Telegram before 7.4 (212543) Stable on macOS stores the local copy of self-destructed messages in a sandbox path, leading to sensitive information disclosure. | ||||
CVE-2021-27140 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2024-08-03 | 7.5 High |
An issue was discovered on FiberHome HG6245D devices through RP2613. It is possible to find passwords and authentication cookies stored in cleartext in the web.log HTTP logs. | ||||
CVE-2024-22084 | 2024-08-03 | 7.5 High | ||
An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. Cleartext passwords and hashes are exposed through log files. | ||||
CVE-2021-26550 | 1 Smartfoxserver | 1 Smartfoxserver | 2024-08-03 | 5.5 Medium |
An issue was discovered in SmartFoxServer 2.17.0. Cleartext password disclosure can occur via /config/server.xml. | ||||
CVE-2021-25898 | 1 Void | 1 Aural Rec Monitor | 2024-08-03 | 7.5 High |
An issue was discovered in svc-login.php in Void Aural Rec Monitor 9.0.0.1. Passwords are stored in unencrypted source-code text files. This was noted when accessing the svc-login.php file. The value is used to authenticate a high-privileged user upon authenticating with the server. | ||||
CVE-2021-25692 | 1 Teradici | 1 Pcoip Connection Manager And Security Gateway | 2024-08-03 | 4.6 Medium |
Sensitive smart card data is logged in default INFO logs by Teradici's PCoIP Connection Manager and Security Gateway prior to version 21.01.3. | ||||
CVE-2021-25644 | 1 Couchbase | 1 Couchbase Server | 2024-08-03 | 7.5 High |
An issue was discovered in Couchbase Server 5.x and 6.x through 6.6.1 and 7.0.0 Beta. Incorrect commands to the REST API can result in leaked authentication information being stored in cleartext in the debug.log and info.log files, and is also shown in the UI visible to administrators. | ||||
CVE-2021-25645 | 1 Couchbase | 1 Couchbase Server | 2024-08-03 | 4.4 Medium |
An issue was discovered in Couchbase Server before 6.0.5, 6.1.x through 6.5.x before 6.5.2, and 6.6.x before 6.6.1. An internal user with administrator privileges, @ns_server, leaks credentials in cleartext in the cbcollect_info.log, debug.log, ns_couchdb.log, indexer.log, and stats.log files. NOTE: updating the product does not automatically address leaks that occurred in the past. | ||||
CVE-2021-25502 | 1 Google | 1 Android | 2024-08-03 | 7.9 High |
A vulnerability of storing sensitive information insecurely in Property Settings prior to SMR Nov-2021 Release 1 allows attackers to read ESN value without priviledge. | ||||
CVE-2021-25284 | 3 Debian, Fedoraproject, Saltstack | 3 Debian Linux, Fedora, Salt | 2024-08-03 | 4.4 Medium |
An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level. | ||||
CVE-2021-23827 | 4 Apple, Keybase, Microsoft and 1 more | 4 Macos, Keybase, Windows and 1 more | 2024-08-03 | 5.5 Medium |
Keybase Desktop Client before 5.6.0 on Windows and macOS, and before 5.6.1 on Linux, allows an attacker to obtain potentially sensitive media (such as private pictures) in the Cache and uploadtemps directories. It fails to effectively clear cached pictures, even after deletion via normal methodology within the client, or by utilizing the "Explode message/Explode now" functionality. Local filesystem access is needed by the attacker. | ||||
CVE-2021-23182 | 1 Gallagher | 1 Command Centre | 2024-08-03 | 6 Medium |
Cleartext Storage of Sensitive Information in Memory vulnerability in Gallagher Command Centre Server allows OSDP reader master keys to be discoverable in server memory dumps. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 (MR3); All versions of 8.30. | ||||
CVE-2021-23211 | 1 Gallagher | 1 Command Centre | 2024-08-03 | 6 Medium |
Cleartext Storage of Sensitive Information in Memory vulnerability in Gallagher Command Centre Server allows Cloud end-to-end encryption key to be discoverable in server memory dumps. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 (MR3). | ||||
CVE-2021-22929 | 1 Brave | 1 Brave | 2024-08-03 | 6.1 Medium |
An information disclosure exists in Brave Browser Desktop prior to version 1.28.62, where logged warning messages that included timestamps of connections to V2 onion domains in tor.log. |