Search Vulnerabilities

Sparx Enterprise Architect Client reveals plaintext OAuth2 client secret

Dell PowerProtect Data Domain BoostFS for client of Feature Release versions 7

Sparx Enterprise Architect Client does not verify the receiver of OAuth2 credentials during OpenID authentication

Azure Logic Apps Elevation of Privilege Vulnerability

A insufficiently protected credentials vulnerability in Fortinet FortiSandbox 5

Information Disclosure Vulnerability in SAP HANA Cockpit and HANA Database Explorer

HAX CMS's public /server-status endpoint exposes authentication tokens, user activity, and client IP addresses

Private Key stored as extractable in browser IndexeDB

Search Guard audit logs can contain under certain conditions user credentials

OpenClaw < 2026.3.12 - Long-lived Credential Exposure in Pairing Setup Codes

Wazuh GitHub Actions Workflow Exposure of Sensitive Credentials

Cache Misconfiguration Leading to Cross-User Data Exposure

Saloon is vulnerable to SSRF and credential leakage via absolute URL in endpoint overriding base URL

Multiple Vulnerabilities in IBM Concert Software

IBM InfoSphere Information Server is vulnerable to disclosure of sensitive information

Session hijacking via exposed session signing secret in distributed Checkmk setups

OpenClaw < 2026.3.7 - Custom Authorization Header Leakage via Cross-Origin Redirects

IGL-Technologies eParking.fi Insufficiently Protected Credentials

CTEK Chargeportal Insufficiently Protected Credentials

Azure DevOps: msazure Elevation of Privilege Vulnerability