Lucene search
K

144 matches found

CNNVD
CNNVD
added 2025/08/13 12:0 a.m.6 views

ZKTeco WL20 安全漏洞

ZKTeco WL20 is a smart fingerprint time and attendance machine from China's Entropy Base Technology ZKTeco. A security vulnerability exists in the ZKTeco WL20 that originates from the storage of plaintext Wi-Fi credentials and configuration data in the device's firmware, which could allow a...

5.2CVSS6.5AI score0.00123EPSS
Exploits0References1
NVD
NVD
added 2025/07/24 5:15 p.m.7 views

CVE-2025-45702

SoftPerfect Pty Ltd Connection Quality Monitor v1.1 was discovered to store all credentials in plaintext...

6.5CVSS0.00242EPSS
Exploits0References2
NVD
NVD
added 2025/07/18 6:15 p.m.7 views

CVE-2025-52164

Software GmbH Agorum core open v11.9.2 & v11.10.1 was discovered to store credentials in plaintext...

8.2CVSS0.00237EPSS
Exploits0References1
CVE
CVE
added 2025/07/18 12:0 a.m.21 views

CVE-2025-52164

CVE-2025-52164 affects Agorum core open, versions 11.9.2 and 11.10.1 . The vulnerability is due to credentials being stored in plaintext, impacting confidentiality (HIGH) while other properties remain unchanged; CVSS 3.1 base score 8.2 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N). Connected sources conf...

8.2CVSS7.4AI score0.00237EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/03 11:20 a.m.5 views

CVE-2025-1709 CVE-2025-1709

Several credentials for the local PostgreSQL database are stored in plain text partially base64 encoded...

6.5CVSS6.8AI score0.00337EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/05/22 10:25 a.m.9 views

CVE-2019-10286

Jenkins DeployHub Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

8.8CVSS6.7AI score0.01773EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:46 a.m.7 views

CVE-2019-10351

Jenkins Caliper CI Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

8.8CVSS6.7AI score0.01632EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:45 a.m.8 views

CVE-2019-10280

Jenkins Assembla Auth Plugin stores credentials unencrypted in the global config.xml configuration file on the Jenkins master where they can be viewed by users with access to the master file system...

8.8CVSS6.7AI score0.01773EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:45 a.m.9 views

CVE-2017-1000245

The SSH Plugin stores credentials which allow jobs to access remote servers via the SSH protocol. User passwords and passphrases for encrypted SSH keys are stored in plaintext in a configuration file...

9.8CVSS6.7AI score0.01441EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:13 a.m.14 views

CVE-2019-10378

Jenkins TestLink Plugin 3.16 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...

5.3CVSS6.7AI score0.00502EPSS
Exploits0References1
OSV
OSV
added 2025/04/25 4:8 p.m.6 views

MAL-2025-191849 Malicious code in qtpv (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2e0cfa610f53699fb3d04d6296bf28540a6162be41a7268566e999b070b517a6 Importing the module starts exfiltration of ".session" files, which appear to be used at least by one Telegram library...

6.9AI score
Exploits0References1
Veracode
Veracode
added 2025/03/21 9:28 a.m.10 views

Credentials Exposure

github.com/openshift/hive is vulnerable to credential exposure. The vulnerability is due to improper handling of sensitive credentials, allowing them to be stored in the ClusterProvision object instead of being securely managed within Kubernetes Secrets...

8.2CVSS6.3AI score0.00452EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2025/03/17 12:31 a.m.10 views

CVE-2025-2355 BlackVue App API Endpoint credentials storage

A vulnerability was found in BlackVue App 3.65 on Android and classified as problematic. Affected by this issue is some unknown functionality of the component API Endpoint Handler. The manipulation of the argument BCSTOKEN/SECRETKEY leads to unprotected storage of credentials. Local access is...

4.8CVSS3.9AI score0.0015EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/03/17 12:31 a.m.22 views

CVE-2025-2355 BlackVue App API Endpoint credentials storage

A vulnerability was found in BlackVue App 3.65 on Android and classified as problematic. Affected by this issue is some unknown functionality of the component API Endpoint Handler. The manipulation of the argument BCSTOKEN/SECRETKEY leads to unprotected storage of credentials. Local access is...

4.8CVSS0.0015EPSS
Exploits0References4
CVE
CVE
added 2025/03/17 12:31 a.m.113 views

CVE-2025-2355

The CVE-2025-2355 entry concerns BlackVue App 3.65 on Android. The vulnerability affects an unknown portion of the API Endpoint Handler where manipulating BCS_TOKEN/SECRET_KEY leads to unprotected storage of credentials. Local access is required, and public disclosure of the exploit is indicated....

4.8CVSS3.9AI score0.0015EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/02/14 5:23 a.m.21 views

CVE-2024-36790

Netgear WNR614 JNR1010V2/N300-V1.1.0.541.0.1 was discovered to store credentials in plaintext...

8.8CVSS7.1AI score0.00349EPSS
Exploits1References1
NVD
NVD
added 2025/02/11 1:15 a.m.5 views

CVE-2025-24870

SAP GUI for Windows & RFC service credentials are incorrectly stored in the memory of the program allowing an unauthenticated attacker to access information within systems, resulting in privilege escalation. On successful exploitation, this could result in disclosure of highly sensitive...

6CVSS0.00155EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/01/30 5:40 p.m.10 views

CVE-2025-0497 Rockwell Automation FactoryTalk® AssetCentre Data Exposure Vulnerability

A data exposure vulnerability exists in all versions prior to V15.00.001 of Rockwell Automation FactoryTalk® AssetCentre. The vulnerability exists due to storing credentials in the configuration file of EventLogAttachmentExtractor, ArchiveExtractor, LogCleanUp, or ArchiveLogCleanUp packages...

7.3CVSS0.00315EPSS
Exploits0References1
CVE
CVE
added 2025/01/30 5:40 p.m.48 views

CVE-2025-0497

Rockwell Automation FactoryTalk AssetCentre before V15.00.001 is affected by a data exposure vulnerability in the configuration files of EventLogAttachmentExtractor, ArchiveExtractor, LogCleanUp, and ArchiveLogCleanUp packages. The issue arises from storing credentials insecurely in these configu...

9.8CVSS6.5AI score0.00315EPSS
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/11/11 12:0 a.m.6 views

The vulnerability of the MXview One and MXview One Central Manager industrial network management platforms lies in the storage of credentials in an open manner, allowing a malicious actor to gain unauthorized access to protected information.

The vulnerability of the MXview One and MXview One Central Manager industrial network management platforms lies in the storage of credentials in an open manner. Exploiting this vulnerability could allow a perpetrator to gain unauthorized access to protected information...

7.1CVSS5.4AI score0.00113EPSS
Exploits0References5Affected Software2
Rows per page
Query Builder