Flaws of type CWE-522

557 results
CVE | Severity | Description | EPSS
CVE-2025-53660 | MEDIUM | Jenkins QMetry Test Management Plugin 1.13 and earlier does not mask Qmetry Automation API Keys displayed on the job configuration form, inc | 0.2%
CVE-2025-53657 | MEDIUM | Jenkins ReadyAPI Functional Testing Plugin 1.11 and earlier does not mask SLM License Access Keys, client secrets, and passwords displayed o | 0.2%
CVE-2021-34733 | MEDIUM | Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager Information Disclosure Vulnerability | 0.2%
CVE-2026-43992 | CRITICAL | JunoClaw: MCP write tools exposed raw BIP-39 mnemonic as a tool-call parameter | 0.2%
CVE-2025-13477 | HIGH | OTP Bypass in Digital Operation Services' WifiBurada | 0.2%
CVE-2020-10710 | - | A flaw was found where the Plaintext Candlepin password is disclosed while updating Red Hat Satellite through the satellite-installer. This | 0.2%
CVE-2024-46341 | HIGH | TP-Link TL-WR845N(UN)_V4_190219 was discovered to transmit credentials in base64 encoded form, which can be easily decoded by an attacker ex | 0.2%
CVE-2026-53840 | MEDIUM | OpenClaw < 2026.5.12 - Custom Header Leakage via MCP Streamable HTTP Cross-Origin Redirects | 0.2%
CVE-2025-53661 | MEDIUM | Jenkins Testsigma Test Plan run Plugin 1.6 and earlier does not mask Testsigma API keys displayed on the job configuration form, increasing | 0.2%
CVE-2026-0715 | HIGH | Moxa Arm-based industrial computers running Moxa Industrial Linux Secure use a device-unique bootloader password provided on the device. An | 0.2%
CVE-2025-62327 | MEDIUM | HCL DevOps Deploy is susceptible to insufficiently protected credentials | 0.2%
CVE-2026-27027 | MEDIUM | Everon api.everon.io Insufficiently Protected Credentials | 0.2%
CVE-2021-1392 | HIGH | Cisco IOS and IOS XE Software Common Industrial Protocol Privilege Escalation Vulnerability | 0.2%
CVE-2026-35155 | HIGH | Dell iDRAC10, versions 1.20.70.50 and 1.30.05.10, contains an Insufficiently Protected Credentials vulnerability. A race condition vulnerabi | 0.2%
CVE-2025-62345 | LOW | HCL BigFix RunBookAI is affected by a Continued availability of Less-Secure “Input Text” Vulnerability | 0.2%
CVE-2021-40503 | - | An information disclosure vulnerability exists in SAP GUI for Windows - versions < 7.60 PL13, 7.70 PL4, which allows an attacker with suffic | 0.2%
CVE-2025-53669 | MEDIUM | Jenkins VAddy Plugin 1.2.8 and earlier does not mask Vaddy API Auth Keys displayed on the job configuration form, increasing the potential f | 0.2%
CVE-2021-22780 | - | Insufficiently Protected Credentials vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all vers | 0.2%
CVE-2022-38465 | CRITICAL | A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP | 0.2%
CVE-2019-25030 | - | In Versa Director, Versa Analytics and VOS, Passwords are not hashed using an adaptive cryptographic hash function or key derivation functio | 0.2%