Lucene search
K

44 matches found

Cvelist
Cvelist
added 2026/04/17 8:38 a.m.30 views

CVE-2025-15624 Plaintext Storage of a Password in Sparx Pro Cloud Server.

Plaintext Storage of a Password vulnerability in Sparx Systems Pty Ltd. Sparx Pro Cloud Server. In a setup where OpenID is used as the primary method of authentication to authenticate to Sparx EA, Pro Cloud Server creates local passwords to the users and stores them in plaintext...

9.3CVSS0.0038EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/27 2:23 p.m.7 views

CVE-2021-27757

" Insecure password storage issue.The application stores sensitive information in cleartext within a resource that might be accessible to another control sphere.Since the information is stored in cleartext, attackers could potentially read it and gain access to sensitive information."...

7.5CVSS6.5AI score0.00573EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/14 12:19 p.m.28 views

CVE-2025-13175 Insecure Password Storage in Y Soft SafeQ 6

Y Soft SafeQ 6 renders the Workflow Connector password field in a way that allows an administrator with UI access to reveal the value using browser developer/inspection tools. The affected customers are only those with a password-protected scan workflow connector. This issue affects Y Soft SafeQ ...

5.1CVSS0.00286EPSS
Exploits0References3
CVE
CVE
added 2026/01/14 12:19 p.m.15 views

CVE-2025-13175

CVE-2025-13175 affects Y Soft SafeQ 6; the issue is the Workflow Connector password field being rendered insecurely, allowing an administrator with UI access to reveal the password via browser developer/inspection tools. Affected versions are before MU106. The impact is exposure of the password f...

5.1CVSS6.6AI score0.00286EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/09 9:53 a.m.7 views

CVE-2020-10538

An issue was discovered in Epikur before 20.1.1. It stores the secret passwords of the users as MD5 hashes in the database. MD5 can be brute-forced efficiently and should not be used for such purposes. Additionally, since no salt is used, rainbow tables can speed up the attack...

5.5CVSS7AI score0.0026EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2019-8844

Malware in sbrugna...

7.5CVSS7.6AI score0.00997EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-29462

Malicious code in bioql PyPI...

5.3CVSS6.3AI score0.00162EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/04/14 3:32 p.m.18 views

CVE-2025-22372 Insecure password storage in SicommNet BASEC

Insufficiently Protected Credentials vulnerability in SicommNet BASEC on SaaS allows Password Recovery. Passwords are either stored in plain text using reversible encryption, allowing an attacker with sufficient privileges to extract plain text passwords easily. This issue affects BASEC: from 14...

9.3CVSS6.9AI score0.00191EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/04/14 3:32 p.m.38 views

CVE-2025-22372 Insecure password storage in SicommNet BASEC

Insufficiently Protected Credentials vulnerability in SicommNet BASEC on SaaS allows Password Recovery. Passwords are either stored in plain text using reversible encryption, allowing an attacker with sufficient privileges to extract plain text passwords easily. This issue affects BASEC: from 14...

9.3CVSS0.00191EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/06/06 12:0 a.m.9 views

PT-2024-58: Insecure password storage in Yealink Meeting Server (YMS)

The vulnerability was identified in Yealink Meeting Server YMS, versions V26.0.0.67. The discovered vulnerability allows an attacker to obtain static key data, allowing user passwords to be decrypted. Vulnerability status: Confirmed by vendor Date of vulnerability remediation: 06.06.2024...

7.5CVSS6.4AI score0.00373EPSS
Exploits0
Packet Storm
Packet Storm
added 2023/05/16 12:0 a.m.376 views

Kiddoware Kids Place Parental Control Android App 3.8.49 XSS / CSRF / File Upload

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Vulnerabilities product: Kiddoware Kids Place Parental Control Android App vulnerable version: =3.8.49 fixed version: 3.8.50 or higher CVE number: CVE-2023-28153...

7.1AI score0.00513EPSS
Exploits3
NVD
NVD
added 2022/03/04 7:15 p.m.21 views

CVE-2021-27757

" Insecure password storage issue.The application stores sensitive information in cleartext within a resource that might be accessible to another control sphere.Since the information is stored in cleartext, attackers could potentially read it and gain access to sensitive information."...

7.5CVSS0.00573EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2022/01/03 12:0 a.m.239 views

Backdoor.Win32.Fantador Insecure Password Storage

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/a1d045151c809535a308311931588fd0B.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Fantador Vulnerability: Insecure Password Storage Description: The malware has an FT...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2021/12/28 12:0 a.m.328 views

Backdoor.Win32.Visiotrol.10 Insecure Password Storage

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/f9dc0a462ada737f36efafac56f22b97.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Visiotrol.10 Vulnerability: Insecure Password Storage Description: The malware listen...

7.4AI score
Exploits0
OSV
OSV
added 2020/08/11 7:15 p.m.5 views

CVE-2020-9404

In PACTware before 4.1 SP6 and 5.x before 5.0.5.31, passwords are stored in an insecure manner, and may be modified by an attacker with no knowledge of the current passwords...

7.1CVSS5.7AI score0.00285EPSS
Exploits0References1
Veracode
Veracode
added 2020/05/10 11:25 p.m.13 views

Information Disclosure

file is vulnerable to information disclosure. The vulnerability exists as BMC Control-M/Agent 7.0.00.000 has Insecure Password Storage...

7.5CVSS1.4AI score0.00997EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2020/05/07 12:0 a.m.2 views

BMC Software Control-M/Agent Information Disclosure Vulnerability

BMC Software Control-M is a workload automation solution from BMC Software, USA. The product supports customizing, scheduling, managing and monitoring workflows, etc. BMC Software Control-M/Agent is an agent program for BMC Software Control-M. A security vulnerability exists in BMC Software...

7.5CVSS6.8AI score0.00997EPSS
Exploits0References1
NVD
NVD
added 2020/04/30 2:15 p.m.13 views

CVE-2019-19218

BMC Control-M/Agent 7.0.00.000 has Insecure Password Storage...

7.5CVSS7.6AI score0.00997EPSS
Exploits0References1
OSV
OSV
added 2020/04/30 2:15 p.m.2 views

CVE-2019-19218

BMC Control-M/Agent 7.0.00.000 has Insecure Password Storage...

7.5CVSS5.8AI score0.00997EPSS
Exploits0References1
Prion
Prion
added 2020/04/30 2:15 p.m.13 views

Default credentials

BMC Control-M/Agent 7.0.00.000 has Insecure Password Storage...

4.3CVSS7.6AI score0.00997EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder