Fallos del tipo CWE-522

555 resultados

CVE-2024-37051CRITICALGitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023EPSS 3.8%CVE-2022-27776—A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirecEPSS 3.4%CVE-2022-38121MEDIUMPOWERCOM CO., LTD. UPSMON PRO - Insufficiently Protected CredentialsEPSS 3.4%CVE-2023-50291HIGHApache Solr: System Property redaction logic inconsistency can lead to leaked passwordsEPSS 3.3%CVE-2018-17922—Circontrol CirCarLife all versions prior to 4.3.1, the PAP credentials of the device are stored in clear text in a log file that is accessibEPSS 3.2%CVE-2022-47880MEDIUMAn Information disclosure vulnerability in /be/rpc.php in Jedox GmbH Jedox 2020.2.5 allow remote, authenticated users with permissions to moEPSS 3.2%CVE-2026-22240CRITICALPlaintext Passwords Vulnerability in BLUVOYIXEPSS 3.0%CVE-2026-32315MEDIUMmotionEye: World-Readable Configuration File Exposes Admin Password HashEPSS 2.9%CVE-2020-27839—A flaw was found in ceph-dashboard. The JSON Web Token (JWT) used for user authentication is stored by the frontend application in the browsEPSS 2.4%CVE-2021-30167CRITICALMERIT LILIN ENT.CO.,LTD. P2/Z2/P3/Z3 IP camera - Broken AuthenticationEPSS 2.4%CVE-2021-35965CRITICALLearningdigital.com, Inc. Orca HCM - Hard-code passwordEPSS 2.4%CVE-2017-6028—An Insufficiently Protected Credentials issue was discovered in Schneider Electric Modicon PLCs Modicon M241, all firmware versions, and ModEPSS 2.3%CVE-2020-6969—It is possible to unmask credentials and other sensitive information on “unprotected” project files, which may allow an attacker to remotelyEPSS 2.2%CVE-2024-23733HIGHThe /WmAdmin/,/invoke/vm.server/login login page in the Integration Server in Software AG webMethods 10.15.0 before Core_Fix7 allows remote EPSS 2.2%CVE-2023-30846CRITICALtyped-rest-client vulnerable to potential leak of authentication data to 3rd partiesEPSS 2.2%CVE-2020-15157MEDIUMcontainerd can be coerced into leaking credentials during image pullEPSS 2.2%CVE-2019-3800MEDIUMCF CLI writes the client id and secret to config fileEPSS 2.1%CVE-2023-30776MEDIUMApache Superset: Database connection password leakEPSS 2.1%CVE-2025-25570CRITICALVue Vben Admin 2.10.1 allows unauthorized login to the backend due to an issue with hardcoded credentials.EPSS 2.0%CVE-2018-17900—Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The web application improperly protects credentiaEPSS 1.9%

← anteriorpágina 2 / 28siguiente →