Fallos del tipo CWE-522
555 resultadosCVE-2025-54428CRITICALRevelaCode exposes Sensitive MongoDB Atlas URI in .env (potential credential leak)EPSS 0.4%CVE-2025-34196CRITICALVasion Print (formerly PrinterLogic) Hardcoded PrinterLogic CA Private Key and Hardcoded PasswordEPSS 0.4%CVE-2023-43905HIGHIncorrect access control in writercms v1.1.0 allows attackers to directly obtain backend account passwords via unspecified vectors.EPSS 0.4%CVE-2023-25531HIGHNVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause insufficient protection of credentials. A successful exploEPSS 0.4%CVE-2024-38505MEDIUMIn JetBrains YouTrack before 2024.2.34646 user access token was sent to the third-party siteEPSS 0.4%CVE-2024-41771HIGHIBM Engineering Requirements Management DOORS Next information disclosureEPSS 0.4%CVE-2024-41770HIGHIBM Engineering Requirements Management DOORS Next information disclosureEPSS 0.4%CVE-2025-62157HIGHArgo Workflows exposes artifact repository credentials in workflow-controller logsEPSS 0.4%CVE-2024-36127HIGHapko Exposure of HTTP basic auth credentials in log outputEPSS 0.4%CVE-2020-28390—A vulnerability has been identified in Opcenter Execution Core (V8.2), Opcenter Execution Core (V8.3). The application contains an informatiEPSS 0.4%CVE-2026-42869CRITICALSOCFortress CoPilot: Hardcoded JWT secret allows unauthenticated full admin compromise and lateral movement into all integrated SOC toolsEPSS 0.4%CVE-2026-32171HIGHAzure Logic Apps Elevation of Privilege VulnerabilityEPSS 0.4%CVE-2022-45157HIGHExposure of vSphere's CPI and CSI credentials in RancherEPSS 0.4%CVE-2023-48010CRITICALSTMicroelectronics SPC58 is vulnerable to Missing Protection Mechanism for Alternate Hardware Interface. Code running as Supervisor on the SEPSS 0.4%CVE-2022-26341HIGHInsufficiently protected credentials in software in Intel(R) AMT SDK before version 16.0.4.1, Intel(R) EMA before version 1.7.1 and Intel(R)EPSS 0.4%CVE-2024-34885MEDIUMInsufficiently protected credentials in SMTP server settings in 1C-Bitrix Bitrix24 23.300.100 allows remote administrators to read SMTP accoEPSS 0.4%CVE-2025-54876MEDIUMJans CLI stores plaintext passwords in the local cli_cmd.log fileEPSS 0.4%CVE-2017-16718—Beckhoff TwinCAT 3 supports communication over ADS. ADS is a protocol for industrial automation in protected environments. This protocol useEPSS 0.4%CVE-2026-33182MEDIUMSaloon is vulnerable to SSRF and credential leakage via absolute URL in endpoint overriding base URLEPSS 0.4%CVE-2020-36968HIGHM/Monit 3.7.4 - Password DisclosureEPSS 0.4%