EUVD-2025-203861

Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric GT Designer3 Version1 GOT2000 all versions and Mitsubishi Electric GT Designer3 Version1 GOT1000 all versions allows a local unauthenticated attacker to obtain plaintext credentials from the project file for GT...

CVE-2025-3784

Cleartext Storage of Sensitive Information Vulnerability in GX Works2 all versions allows an attacker to disclose credential information stored in plaintext from project files. As a result, the attacker may be able to open project files protected by user authentication using disclosed credential...

CVE-2025-61713

A Cleartext Storage of Sensitive Information in Memory vulnerability CWE-316 in Fortinet FortiPAM 1.6.0, FortiPAM 1.5 all versions, FortiPAM 1.4 all versions, FortiPAM 1.3 all versions, FortiPAM 1.2 all versions, FortiPAM 1.1 all versions, FortiPAM 1.0 all versions may allow an authenticated...

PT-2025-37083

Name of the Vulnerable Software and Affected Versions: Cortex XDR Microsoft 365 Defender Pack affected versions not specified Description: The Cortex XDR Microsoft 365 Defender Pack may allow cleartext exposure of credentials. The severity of this issue is low. Recommendations: At the moment, the...

CVE-2024-56428

The local iLabClient database in itech iLabClient 3.7.1 allows local attackers to read cleartext credentials from the CONFIGS table for their servers configured in the client...

CVE-2024-30406

A Cleartext Storage in a File on Disk vulnerability in Juniper Networks Junos OS Evolved ACX Series devices using the Paragon Active Assurance Test Agent software installed on network devices allows a local, authenticated attacker with high privileges to read all other users login credentials. Th...

CVE-2023-49341

An issue was discovered in Newland Nquire 1000 Interactive Kiosk version NQ1000-IIGV1.00.011, allows remote attackers to obtain sensitive information via cleartext credential storage in backup.htm component...

CVE-2023-49341

An issue was discovered in Newland Nquire 1000 Interactive Kiosk version NQ1000-IIGV1.00.011, allows remote attackers to obtain sensitive information via cleartext credential storage in backup.htm component...

CVE-2023-49341

CVE-2023-49341 affects Newland Nquire 1000 Interactive Kiosk (NQ1000-II_G_V1.00.011). The issue is cleartext credential storage in the backup.htm component that could allow remote attackers to obtain sensitive information. Root cause appears to be insecure credential storage in that component; de...

Palo Alto Cortex XDR Agent 7.5.x < 7.5.101-CE Cleartext Credential

The version of Palo Alto Cortex XDR Agent installed on the remote Windows host is 7.5 prior to 7.5.101-CE. It is, therefore, affected by an information exposure vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices that allows a local system administrator to disclose the adm...

Directory traversal

An issue was discovered in the 3CX Phone System Management Console prior to version 18 Update 3 FINAL. An unauthenticated attacker could abuse improperly secured access to arbitrary files on the server via /Electron/download directory traversal in conjunction with a path component that uses...

CVE-2021-27925

Affects Couchbase Server 6.5.x and 6.6.x up to 6.6.1. The vulnerability arises in the View Engine when Auditing is enabled; a race-condition can cause an internal administrator user (@ns_server) to have credentials leaked in cleartext in the ns_server.info.log. The connected Red Hat and NVD entri...

CVE-2020-7517

A CWE-312: Cleartext Storage of Sensitive Information vulnerability exists in Easergy Builder Version 1.4.7.2 and older which could allow an attacker to read user credentials...

Grundfos CIM 500

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Grundfos Pumps Corporation Equipment: CIM 500 Vulnerabilities: Missing Authentication for Critical Function, Unprotected Storage of Credentials 2. RISK EVALUATION Successful exploitation of these...

CVE-2018-20781

In pam/gkr-pam-module.c in GNOME Keyring before 3.27.2, the user's password is kept in a session-child process spawned from the LightDM daemon. This can expose the credential in cleartext...

CVE-2018-20781

In pam/gkr-pam-module.c in GNOME Keyring before 3.27.2, the user's password is kept in a session-child process spawned from the LightDM daemon. This can expose the credential in cleartext...

Ericsson-LG iPECS NMS A.1Ac - Cleartext Credential Disclosure Exploit

Exploit for php platform in category web applications -- coding: utf-8 -- Exploit Title: Ericsson-LG iPECS NMS - Cleartext Cred. Dump Vendor Notification: 03-03-2018 - No response Initial CVE: 04-04-2018 Disclosure: 21-04-2018 Exploit Author: Berk Cem Göksel Contact: twitter.com/berkcgoksel ||...

CommonSpot < 7.0.2 / 8.0.3 / 9.0.0 Multiple Vulnerabilities

According to its version number, the CommonSpot install hosted on the remote web server is affected by multiple vulnerabilities : - An access restriction bypass via a direct request. CVE-2014-2859 - Multiple cross-site scripting XSS vulnerabilities. CVE-2014-2860, CVE-2014-2861 - Improper...