Lucene search
K

36 matches found

Snyk
Snyk
added 2026/06/06 9:0 p.m.6 views

Unprotected Transport of Credentials

Overview Affected versions of this package are vulnerable to Unprotected Transport of Credentials in the request function in client.rb, which exposes the Authorization: Bearer value. An attacker in control of a malicious endpoint that is the target of redirects can supply a Location header in a...

8.4CVSS5.4AI score
Exploits0References2
Cvelist
Cvelist
added 2026/05/22 1:18 p.m.30 views

CVE-2026-8673 Password re-initialization mechanism sends passwords in plain text

Unprotected transport of credentials vulnerability in syslink software AG Avantra on Linux, Windows allows Sniffing Attacks. This issue affects Avantra: before 25.3.0...

5.9CVSS0.00192EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/22 1:18 p.m.6 views

CVE-2026-8673

Unprotected transport of credentials vulnerability in syslink software AG Avantra on Linux, Windows allows Sniffing Attacks. This issue affects Avantra: before 25.3.0...

5.9CVSS5.8AI score0.00192EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/03/26 5:1 p.m.5 views

CVE-2026-23635

Kiteworks is a private data network PDN. In Kiteworks Secure Data Forms prior to version 9.2.1, a misconfiguration of the security attributes could potentially lead to Unprotected Transport of Credentials under certain circumstances. Upgrade Kiteworks to version 9.2.1 or later to receive a patch...

6.5CVSS5.8AI score0.00317EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/25 4:57 p.m.5 views

CVE-2026-23635 Kiteworks Secure Data Forms has a potential Unprotected Transport of Credentials

Kiteworks is a private data network PDN. In Kiteworks Secure Data Forms prior to version 9.2.1, a misconfiguration of the security attributes could potentially lead to Unprotected Transport of Credentials under certain circumstances. Upgrade Kiteworks to version 9.2.1 or later to receive a patch...

6.5CVSS5.8AI score0.00317EPSS
Exploits0References1
CVE
CVE
added 2026/03/25 4:57 p.m.19 views

CVE-2026-23635

Kiteworks Secure Data Forms (PDN) has a vulnerability affecting versions prior to 9.2.1 due to a misconfiguration of security attributes that could lead to Unprotected Transport of Credentials. The issue is documented across CVE-2026-23635 with a CVSSv3.1 base score of 6.5 (Network, High attack v...

6.5CVSS5.8AI score0.00317EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/11/14 11:38 p.m.5 views

CVE-2025-64308 Brightpick Mission Control / Internal Logic Control Unprotected Transport of Credentials

The Brightpick Mission Control web application exposes hardcoded credentials in its client-side JavaScript bundle to Brightpick AI's documentation portal...

7.1CVSS5.8AI score0.0023EPSS
Exploits0References3
CVE
CVE
added 2025/11/14 11:38 p.m.15 views

CVE-2025-64308

Brightpick Mission Control web application exposes hardcoded credentials in the client-side JavaScript bundle. The vulnerability can enable unauthorized access to credentials and could allow manipulation of robot control functions through an unauthenticated interface and via WebSocket traffic, pe...

7.1CVSS5.8AI score0.0023EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/10/14 8:25 a.m.7 views

CVE-2025-41718 Murrelektronik: Unprotected Transport of Credentials

A cleartext transmission of sensitive information vulnerability in the affected products allows an unauthorized remote attacker to gain login credentials and access the Web-UI...

7.5CVSS0.00236EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-13275

Malware in sbrugna...

6.5CVSS6.5AI score0.00528EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/07/30 2:35 p.m.22 views

CVE-2024-4188 Security vulnerability exists in Documentum server cloud releases that could allow access to sensitive information which can impact system Operation.

Unprotected Transport of Credentials vulnerability in OpenText™ Documentum™ Server could allow Credential Stuffing.This issue affects Documentum™ Server: from 16.7 through 23.4...

7.1CVSS0.00154EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/07/06 10:56 p.m.19 views

CVE-2023-31277 PiiGAB M-Bus Unprotected Transport of Credentials

PiiGAB M-Bus transmits credentials in plaintext format...

7.5CVSS7.7AI score0.00457EPSS
Exploits0References1
NVD
NVD
added 2022/09/02 6:15 p.m.17 views

CVE-2022-34371

Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.3, contain an unprotected transport of credentials vulnerability. A malicious unprivileged network attacker could potentially exploit this vulnerability, leading to full system compromise...

9.8CVSS0.00545EPSS
Exploits0References1
Prion
Prion
added 2022/09/02 6:15 p.m.17 views

Design/Logic Flaw

Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.3, contain an unprotected transport of credentials vulnerability. A malicious unprivileged network attacker could potentially exploit this vulnerability, leading to full system compromise...

7.5CVSS9.3AI score0.00545EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/09/02 5:30 p.m.22 views

CVE-2022-34371

Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.3, contain an unprotected transport of credentials vulnerability. A malicious unprivileged network attacker could potentially exploit this vulnerability, leading to full system compromise...

8.1CVSS9.6AI score0.00545EPSS
Exploits0References1
CVE
CVE
added 2022/09/02 5:30 p.m.57 views

CVE-2022-34371

Summary: CVE-2022-34371 affects Dell PowerScale OneFS, versions 9.0.0–9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.3, due to an unprotected transport of credentials. An unprivileged network attacker could exploit this to achieve full system compromise. Affected components/versions: Dell PowerScale OneF...

9.8CVSS9.3AI score0.00545EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/08/04 12:0 a.m.3 views

CVE-2022-34371

Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.3, contain an unprotected transport of credentials vulnerability. A malicious unprivileged network attacker could potentially exploit this vulnerability, leading to full system compromise...

9.8CVSS5.9AI score0.00545EPSS
Exploits0References2
ICS
ICS
added 2022/01/06 12:0 a.m.47 views

IDEC PLCs

1. EXECUTIVE SUMMARY CVSS v3 7.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: IDEC Equipment: PLCs Programmable Logic Controllers Vulnerabilities: Unprotected Transport of Credentials, Plaintext Storage of a Password 2. RISK EVALUATION Successful exploitation of these...

9.8CVSS9.2AI score0.0134EPSS
Exploits0References5
OSV
OSV
added 2021/12/24 7:15 a.m.5 views

CVE-2021-20826

Unprotected transport of credentials vulnerability in IDEC PLCs FC6A Series MICROSmart All-in-One CPU module v2.32 and earlier, FC6A Series MICROSmart Plus CPU module v1.91 and earlier, WindLDR v8.19.1 and earlier, WindEDIT Lite v1.3.1 and earlier, and Data File Manager v2.12.1 and earlier allows...

7.6CVSS5.7AI score0.0039EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/12/24 6:30 a.m.14 views

CVE-2021-20826

Unprotected transport of credentials vulnerability in IDEC PLCs FC6A Series MICROSmart All-in-One CPU module v2.32 and earlier, FC6A Series MICROSmart Plus CPU module v1.91 and earlier, WindLDR v8.19.1 and earlier, WindEDIT Lite v1.3.1 and earlier, and Data File Manager v2.12.1 and earlier allows...

7.5AI score0.0039EPSS
Exploits0References2
Rows per page
Query Builder