CVE-2026-9139

Taiko AG1000-01A SMS Alert Gateway Rev 7.3 and Rev 8 contains a hard-coded credential vulnerability in the embedded web configuration interface where authentication is implemented entirely in client-side JavaScript in login.zhtml, exposing static plaintext credentials in the page source...

CVE-2026-22911

The CVE-2026-22911 issue concerns firmware update files that may expose password hashes for system accounts, enabling a remote attacker to recover credentials and gain unauthorized access to the device. Public references identify this as impacting SICK TDC-X401GL (and related advisories), with th...

EUVD-2024-30702

Malicious code in bioql PyPI...

CVE-2024-32932

CVE-2024-32932 affects Johnson Controls Illustra Essentials Gen 4 (Illustra.Ess4.01.02.10.5982 and earlier). The issue stems from storing web interface user passwords in a recoverable format, enabling an authenticated user to recover credentials under certain conditions (CWE-257). CVSS v3.1 base ...

CVE-2024-32756 American Dynamics Illustra Essentials Gen 4 - Reversible User Credential - Linux

Under certain circumstances the Linux users credentials may be recovered by an authenticated user...

PT-2024-24987 · Johnson Controls · American Dynamics Illustra Essentials Gen 4 +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned, use: affected versions not specified Description: The issue allows an authenticated user to recover another user's credentials under certain circumstances. Recommendations: At the moment, there is n...

CVE-2024-30406 Junos OS Evolved: ACX Series with Paragon Active Assurance Test Agent: A local high privileged attacker can recover other administrators credentials

A Cleartext Storage in a File on Disk vulnerability in Juniper Networks Junos OS Evolved ACX Series devices using the Paragon Active Assurance Test Agent software installed on network devices allows a local, authenticated attacker with high privileges to read all other users login credentials. Th...

The vulnerability of the SCALANCE X switch’s microprogramming software, related to incorrect data storage formatting, allows a intruder to restore passwords.

The vulnerability of the SCALANCE X microcontroller’s software is related to incorrect storage of user credentials. Exploiting this vulnerability could allow an intruder to retrieve passwords from the device access to the device’s configuration files is required...

Credentials Recovery: The LaZagne Project

The LaZagne project is an open source application used to retrieve lots of passwords stored on a local computer. Each software stores its passwords using different techniques plaintext, APIs, custom algorithms, databases, etc.. This tool has been developed for the purpose of finding these passwor...