Fallos del tipo CWE-319
488 resultadosCVE-2023-30514HIGHJenkins Azure Key Vault Plugin 187.va_cd5fecd198a_ and earlier does not properly mask (i.e., replace with asterisks) credentials in the builEPSS 0.5%CVE-2021-42699MEDIUMAzeoTech DAQFactoryEPSS 0.5%CVE-2021-3473MEDIUMAn internal product security audit of Lenovo XClarity Controller (XCC) discovered that the XCC configuration backup/restore password may be EPSS 0.5%CVE-2021-3792MEDIUMSome device communications in some Motorola-branded Binatone Hubble Cameras with backend Hubble services are not encrypted which could lead EPSS 0.5%CVE-2018-10634MEDIUMMedtronic MiniMed MMT-500/MMT-503 Remote Controllers Cleartext Transmission of Sensitive InformationEPSS 0.5%CVE-2025-0784MEDIUMIntelbras InControl Registered User usuario cleartext transmissionEPSS 0.5%CVE-2024-35060HIGHAn issue in the YAML Python library of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary commands via supplying a crafted YAML fileEPSS 0.5%CVE-2024-4161HIGHSyslog traffic sent in clear-textEPSS 0.5%CVE-2020-9420MEDIUMThe login password of the web administrative dashboard in Arcadyan Wifi routers VRV9506JAC23 is sent in cleartext, allowing an attacker to sEPSS 0.5%CVE-2025-69969CRITICALA lack of authentication and authorization mechanisms in the Bluetooth Low Energy (BLE) communication protocol of SRK Powertech Pvt Ltd PebbEPSS 0.5%CVE-2019-14942MEDIUMAn issue was discovered in GitLab Community and Enterprise Edition before 11.11.8, 12 before 12.0.6, and 12.1 before 12.1.6. Cookies for GitEPSS 0.5%CVE-2026-1777HIGHCleartext transmission of sensitive materials in aws/sagemaker-python-sdkEPSS 0.5%CVE-2023-23841HIGHSolarWinds Serv-U Exposure of Sensitive Information VulnerabilityEPSS 0.5%CVE-2020-12048—Phoenix Hemodialysis Delivery System SW 3.36 and 3.40, The Phoenix Hemodialysis device does not support data-in-transit encryption (e.g., TLEPSS 0.5%CVE-2023-39245CRITICAL
DELL ESI (Enterprise Storage Integrator) for SAP LAMA, version 10.0, contains an information disclosure vulnerability in EHAC component. AnEPSS 0.4%CVE-2024-35059HIGHAn issue in the Pickle Python library of NASA AIT-Core v2.5.2 allows attackers to execute arbitrary commands.EPSS 0.4%CVE-2023-25016HIGHCouchbase Server before 6.6.6, 7.x before 7.0.5, and 7.1.x before 7.1.2 exposes Sensitive Information to an Unauthorized Actor.EPSS 0.4%CVE-2023-30354CRITICALShenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 does not defend against physical access to U-Boot via the UART: the Wi-Fi passwoEPSS 0.4%CVE-2023-28348HIGHAn issue was discovered in Faronics Insight 10.0.19045 on Windows. A suitably positioned attacker could perform a man-in-the-middle attack oEPSS 0.4%CVE-2022-32245—SAP BusinessObjects Business Intelligence Platform (Open Document) - versions 420, 430, allows an unauthenticated attacker to retrieve sensiEPSS 0.4%