• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-522

CVE-2020-25235

February 26, 2023 by

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). The password used for authentication for the LOGO! Website and the LOGO! Access Tool is sent in a recoverable format. An attacker with access to the network traffic could derive valid logins.

CVE-2020-25175

February 26, 2023 by

GE Healthcare Imaging and Ultrasound Products may allow specific credentials to be exposed during transport over the network.

CVE-2020-25184

February 26, 2023 by

Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x stores the password in plaintext in a file that is in the same directory as the executable file. ISaGRAF Runtime reads the file and saves the data in a variable without any additional modification. A local, unauthenticated attacker could compromise the user passwords, resulting in information disclosure.

CVE-2020-24680

February 26, 2023 by

In S+ Operations and S+ Historian, the passwords of internal users (not Windows Users) are encrypted but improperly stored in a database.

CVE-2020-24622

February 26, 2023 by

In Sonatype Nexus Repository 3.26.1, an S3 secret key can be exposed by an admin user.

CVE-2020-24396

February 26, 2023 by

homee Brain Cube v2 (2.28.2 and 2.28.4) devices have sensitive SSH keys within downloadable and unencrypted firmware images. This allows remote attackers to use the support server as a SOCKS proxy.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 29
  • Go to page 30
  • Go to page 31
  • Go to page 32
  • Go to page 33
  • Interim pages omitted …
  • Go to page 117
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE