Lucene search
K

12 matches found

Snyk
Snyk
added 2026/07/01 8:35 p.m.3 views

Insufficiently Protected Credentials

Overview Affected versions of this package are vulnerable to Insufficiently Protected Credentials via the addLabelsFromOptions function. An attacker can overwrite security-sensitive namespace labels by pushing changes to a monitored repository, thereby weakening admission controls and enabling...

8.8CVSS6AI score0.00508EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:31 p.m.11 views

CVE-2025-13477

Exposure of private personal information to an unauthorized actor, Insufficiently Protected Credentials vulnerability in Digital Operations Services Inc. WifiBurada allows Authentication Bypass. This issue affects WifiBurada: through 21052026. NOTE: The vendor was contacted early about this...

7.1CVSS5.4AI score0.00224EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/02 1:9 p.m.11 views

CVE-2026-7312 CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity

CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from 14.0.7700 to 14.4.8152, and 15.0.8200 to 15.0.8234, and 15.1.8300 to 15.1.8335, 15.2.8400 to 15.2.8441, 15.3.8500 to 15.3.8531, and 15.4.8600 to 15.4.8630 allows a remote unauthenticated attacker to...

10CVSS5.8AI score0.00441EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/30 8:47 a.m.4 views

CVE-2026-35155

Dell iDRAC10, versions 1.20.70.50 and 1.30.05.10, contains an Insufficiently Protected Credentials vulnerability. A race condition vulnerability exists that could allow an authenticated low‑privileged attacker to gain elevated access...

7.1CVSS5.3AI score0.0022EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/07 2:12 p.m.2 views

CVE-2026-5380 runZero Platform cleartext secret exposure

An issue that could allow an authorized user to view the clear-text secrets for a subset of credential types and fields has been resolved. This is an instance of CWE-522: Insufficiently Protected Credentials, and has an estimated CVSS score of CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N 5.3...

5.3CVSS5.8AI score0.00196EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/05 11:39 p.m.34 views

CVE-2026-27770 ePower epower.ie Insufficiently Protected Credentials

Charging station authentication identifiers are publicly accessible via web-based mapping platforms...

6.9CVSS0.00294EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/11/13 10:1 p.m.4 views

CVE-2025-36096 AIX Insufficiently Protected Credentials

IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 stores NIM private keys used in NIM environments in an insecure way which is susceptible to unauthorized access by an attacker using man in the middle techniques...

9CVSS6.3AI score0.00269EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/25 4:32 p.m.11 views

CVE-2025-10880 Insufficiently Protected Credentials in Dingtian DT-R002

All versions of Dingtian DT-R002 are vulnerable to an Insufficiently Protected Credentials vulnerability that could allow an attacker to extract the proprietary "Dingtian Binary" protocol password by sending an unauthenticated GET request...

8.7CVSS0.00296EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/11 12:0 a.m.4 views

PT-2025-32564 · Abb · Abb Aspect

Name of the Vulnerable Software and Affected Versions: ABB Aspect versions prior to 3.08.04-s01 Description: The software contains an insufficiently protected credentials issue. Recommendations: Update to version 3.08.04-s01 or later...

7CVSS7.2AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/04/08 12:0 a.m.6 views

PT-2025-15650 · Adobe · Commerce

Name of the Vulnerable Software and Affected Versions: Adobe Commerce versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier Description: The issue is related to an Insufficiently Protected Credentials vulnerability, which could lead to a security feature bypass. A high...

4CVSS6AI score0.00419EPSS
Exploits0References9
OSV
OSV
added 2024/02/14 5:15 p.m.4 views

CVE-2023-27975

CWE-522: Insufficiently Protected Credentials vulnerability exists that could cause unauthorized access to the project file in EcoStruxure Control Expert when a local user tampers with the memory of the engineering workstation...

7.1CVSS5.8AI score0.0015EPSS
Exploits0References1
Snyk
Snyk
added 2022/06/09 11:47 p.m.2 views

Insufficiently Protected Credentials

Overview Affected versions of this package are vulnerable to Insufficiently Protected Credentials which leaks the Authorization header after a redirect to a different port on the same site. Remediation Upgrade mechanize to version 2.8.5 or higher. References - GitHub Commit - GitHub PR...

7.5CVSS6.9AI score0.01392EPSS
Exploits0References2
Rows per page
Query Builder