358 matches found
CVE-2025-14148 IBM DevOps Deploy is susceptible to a Insufficiently Protected Credentials vulnerability
IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.3 could allow an authenticated user with LLM integration configuration privileges to recover a previously saved LLM API Token...
Security Bulletin: IBM DevOps Deploy is susceptible to a Insufficiently Protected Credentials vulnerability (CVE-2025-14148)
Summary IBM DevOps Deploy could allow an authenticated user with LLM integration configuration privileges to recover a previously saved LLM API Token. CVE-2025-14148 Vulnerability Details CVEID:CVE-2025-14148 DESCRIPTION: IBM DevOps Deploy could allow an authenticated user with LLM integration...
EUVD-2025-203067
Insufficiently Protected Credentials vulnerability in Apache Fineract. This issue affects Apache Fineract: through 1.11.0. The issue is fixed in version 1.12.1. Users are encouraged to upgrade to version 1.13.0, the latest release...
CVE-2025-58130
Insufficiently Protected Credentials vulnerability in Apache Fineract. This issue affects Apache Fineract: through 1.11.0. The issue is fixed in version 1.12.1. Users are encouraged to upgrade to version 1.13.0, the latest release...
CVE-2025-58130
Insufficiently Protected Credentials vulnerability in Apache Fineract. This issue affects Apache Fineract: through 1.11.0. The issue is fixed in version 1.12.1. Users are encouraged to upgrade to version 1.13.0, the latest release...
CVE-2025-58130
Apache Fineract is affected by an Insufficiently Protected Credentials vulnerability up to version 1.11.0. The issue is fixed in 1.12.1, and users are advised to upgrade to 1.13.0 (latest release). The primary public details indicate credential exposure risk but do not describe specific exploitat...
EUVD-2025-202343
ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Insufficiently Protected Credentials vulnerability that could result in limited unauthorized write access. An attacker could leverage this vulnerability to gain unauthorized access by exploiting improperly stored or...
PT-2025-50291
ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Insufficiently Protected Credentials vulnerability that could result in limited unauthorized write access. An attacker could leverage this vulnerability to gain unauthorized access by exploiting improperly stored or...
CVE-2025-13163
EasyFlow GP developed by Digiwin has an Insufficiently Protected Credentials vulnerability, allowing privileged remote attackers to obtain plaintext database account credentials from the system frontend...
CVE-2025-13164 Digiwin|EasyFlow GP - Insufficiently Protected Credentials
EasyFlow GP developed by Digiwin has an Insufficiently Protected Credentials vulnerability, allowing privileged remote attackers to obtain plaintext credentials of AD and system mail from the system frontend...
CVE-2025-13163
CVE-2025-13163 affects EasyFlow GP by Digiwin. The issue is insufficient protection of credentials in the system frontend, enabling privileged remote attackers to obtain plaintext database credentials. Impact is high on confidentiality per the CVSS metrics; exploitation details and a concrete fix...
CVE-2025-13163 Digiwin|EasyFlow GP - Insufficiently Protected Credentials
EasyFlow GP developed by Digiwin has an Insufficiently Protected Credentials vulnerability, allowing privileged remote attackers to obtain plaintext database account credentials from the system frontend...
Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to Insufficiently Protected Credentials in Requests [CVE-2024-47081]
Summary IBM Watson Speech Services Cartridge is vulnerable to Insufficiently Protected Credentials in Requests, due to a URL parsing issue CVE-2024-47081. Requests is used in our speech runtimes This vulnerabilitiy has been addressed. Please read the details for remediation below. Vulnerability...
Barco ClickShare Devices Weak Password Requirements (CVE-2019-18828)
Barco ClickShare Button R9861500D01 devices before 1.9.0 have Insufficiently Protected Credentials. The root account present for access via debug interfaces, which are by default not enabled on production devices of the embedded Linux on the ClickShare Button is using a weak password. This plugin...
EUVD-2021-20866
Malware in sbrugna...
EUVD-2019-7550
Malware in sbrugna...
EUVD-2022-43956
Malicious code in bioql PyPI...
EUVD-2022-4637
Malicious code in bioql PyPI...
EUVD-2024-42758
Malicious code in bioql PyPI...
EUVD-2023-58504
Malicious code in bioql PyPI...