17 matches found
CVE-2025-13477 OTP Bypass in Digital Operation Services' WifiBurada
Exposure of private personal information to an unauthorized actor, Insufficiently Protected Credentials vulnerability in Digital Operations Services Inc. WifiBurada allows Authentication Bypass. This issue affects WifiBurada: through 21052026. NOTE: The vendor was contacted early about this...
EUVD-2026-22333
A insufficiently protected credentials vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4 all versions, FortiSandbox PaaS 5.0.1 through 5.0.5 may allow an authenticathed administrator to read LDAP server credentials via client-side inspection...
CVE-2026-32171
Insufficiently protected credentials in Azure Logic Apps allows an authorized attacker to elevate privileges over a network...
CVE-2025-62327 HCL DevOps Deploy is susceptible to insufficiently protected credentials
In HCL DevOps Deploy 8.1.2.0 through 8.1.2.3, a user with LLM configuration privileges may be able to recover a credential previously saved for performing authenticated LLM Queries...
CVE-2025-64122
Insufficiently Protected Credentials vulnerability in Nuvation Energy Multi-Stack Controller MSC allows Signature Spoofing by Key Theft.This issue affects Multi-Stack Controller MSC: through 2.5.1...
EUVD-2022-33844
Malicious code in bioql PyPI...
CVE-2024-49396
The affected product is vulnerable due to insufficiently protected credentials, which may allow an attacker to impersonate Elvaco and send false information...
IBM Robotic Process Automation Information Disclosure Vulnerability (CNVD-2025-00312)
IBM Robotic Process Automation is a robotic process automation product from International Business Machines IBM. can help you automate more business and IT processes at scale with the ease and speed of traditional RPA. An information disclosure vulnerability exists in IBM Robotic Process Automati...
IBM CICS Transaction Gateway for Multiplatforms Insufficient Credential Protection Vulnerability
IBM CICS Transaction Gateway is a connector for modernizing enterprise CICS assets from International Business Machines IBM. A security vulnerability exists in IBM CICS Transaction Gateway for Multiplatforms that stems from not using a secure method of transmitting or storing authentication...
Unspecified Vulnerability in Elvaco M-Bus Metering Gateway CMe3100
Elvaco M-Bus Metering Gateway CMe3100 is an M-Bus metering gateway for fixed networks from Elvaco. A security vulnerability in Elvaco M-Bus Metering Gateway CMe3100 version 1.12.1, which stems from insufficient credential protection, can be exploited by an attacker to impersonate Elvaco and send ...
CVE-2022-45859
An insufficiently protected credentials vulnerability CWE-522 in FortiNAC-F 7.2.0, FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.8 and below, 8.8.0 all versions, 8.7.0 all versions may allow a local attacker with system access to retrieve users' passwords...
Fortinet FortiNAC Access Control Error Vulnerability (CNVD-2024-26506)
Fortinet FortiNAC is a set of network access control solutions from the U.S. company Fita Fortinet. The product is mainly used for network access control and IoT security. Fortinet FortiNAC has an access control error vulnerability that stems from insufficient credential protection. An attacker...
CVE-2022-32518
A CWE-522: Insufficiently Protected Credentials vulnerability exists that could result in unwanted access to a DCE instance when performed over a network by a malicious third-party. This CVE is unique from CVE-2022-32520. Affected Products: Data Center Expert Versions prior to V7.9.0...
CVE-2022-43959
Insufficiently Protected Credentials in the AD/LDAP server settings in 1C-Bitrix Bitrix24 through 22.200.200 allow remote administrators to discover an AD/LDAP administrative password by reading the source code of /bitrix/admin/ldapserveredit.php...
PT-2022-20053 · Intel · Intel Datacenter Group Event Ios Application
Name of the Vulnerable Software and Affected Versions: IntelR Datacenter Group Event iOS application affected versions not specified Description: The issue concerns insufficiently protected credentials in the IntelR Datacenter Group Event iOS application, which may allow an unauthenticated user t...
Mobotix Control Center 安全漏洞
Mobotix Control Center MxCC is a video management software from the German company Mobotix. It has all the features required for a professional and secure control center. A security vulnerability exists in Mobotix Control Center MxCC version 2.5.4.5 and prior versions, which stems from insufficie...
Barco ClickShare Button R9861500D01 Insufficient Credential Protection Vulnerability
The Barco ClickShare Button R9861500D01 is a wireless control device for presentation systems from Barco Belgium. An insufficiently protected credentials vulnerability exists in Barco ClickShare Button R9861500D01 prior to version 1.9.0, which can be exploited by an attacker to obtain the identit...