Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

85 matches found

RedhatCVE
RedhatCVEadded 2026/06/05 7:42 p.m.6 views

CVE-2025-15621

Insufficiently Protected Credentials in Sparx Systems Pty Ltd. Sparx Enterprise Architect. Client does not verify the receiver of OAuth2 credentials during OpenID authentication...

5.7CVSS5.4AI score0.0002EPSS
Exploits0References1
CNNVD
CNNVDadded 2026/05/24 12:0 a.m.4 views

Besen BS20 EV Charging Station 安全漏洞

The Besen BS20 EV Charging Station is an AC electric vehicle wall-mounted charging station developed by the Chinese company Besen. The Besen BS20 EV Charging Station, including versions dated before April 2026, contains security vulnerabilities. These vulnerabilities stem from improper operation ...

5.1CVSS5.8AI score0.00027EPSS
Exploits0References4
EUVD
EUVDadded 2026/05/21 12:41 p.m.8 views

EUVD-2025-209910

Exposure of private personal information to an unauthorized actor, Insufficiently Protected Credentials vulnerability in Digital Operations Services Inc. WifiBurada allows Authentication Bypass. This issue affects WifiBurada: through 21052026. NOTE: The vendor was contacted early about this...

7.1CVSS5.8AI score0.00042EPSS
Exploits0References1
EUVD
EUVDadded 2026/05/08 3:31 p.m.8 views

EUVD-2026-28683

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Don't log keys in SMB3 signing and encryption key generation When KSMBDDEBUGAUTH logging is enabled, generatesmb3signingkey and generatesmb3encryptionkey log the session, signing, encryption, and decryption key bytes. Remo...

5.8AI score0.00027EPSS
Exploits0References7
NVD
NVDadded 2026/03/19 9:16 p.m.2 views

CVE-2026-23658

Insufficiently protected credentials in Azure DevOps allows an unauthorized attacker to elevate privileges over a network...

9.8CVSS0.00104EPSS
Exploits0References1
CNNVD
CNNVDadded 2026/03/19 12:0 a.m.2 views

Microsoft Azure DevOps 安全漏洞

Microsoft Azure DevOps is a team collaboration platform provided by the American company Microsoft. There is a security vulnerability in Microsoft Azure DevOps, which stems from insufficient credential protection. This vulnerability could allow unauthorized attackers to gain elevated privileges...

9.8CVSS5.8AI score0.00104EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/01/21 10:24 p.m.5 views

CVE-2025-58742

Insufficiently Protected Credentials, Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the Connection Settings dialog in Milner ImageDirector Capture on Windows allows Adversary in the Middle AiTM by modifying the 'Server' field to redirect client...

8.5CVSS5.5AI score0.00051EPSS
Exploits0References1
CNNVD
CNNVDadded 2026/01/20 12:0 a.m.2 views

Browan Communications PrismX MX100 security vulnerabilities

The Browan Communications PrismX MX100 is a wireless router produced by Browan Communications in Taiwan, China. The Browan Communications PrismX MX100 has a security vulnerability, which stems from insufficient credential protection. This vulnerability could allow privileged remote attackers to...

6.9CVSS5.8AI score0.0006EPSS
Exploits0References2
CNNVD
CNNVDadded 2026/01/20 12:0 a.m.4 views

Milner ImageDirector Capture security vulnerability

Milner ImageDirector Capture is a document collection and digital asset management software developed by the American company Milner. Versions of Milner ImageDirector Capture from 7.0.9 to 7.6.3.25808 contained security vulnerabilities. These vulnerabilities were due to insufficient credential...

8.5CVSS5.8AI score0.00051EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/01/09 9:36 a.m.14 views

CVE-2024-34882

Insufficiently protected credentials in SMTP server settings in 1C-Bitrix Bitrix24 23.300.100 allows remote administrators to send SMTP account passwords to an arbitrary server via HTTP POST request...

6.8CVSS7.2AI score0.00146EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/01/09 8:40 a.m.14 views

CVE-2022-26341

Insufficiently protected credentials in software in IntelR AMT SDK before version 16.0.4.1, IntelR EMA before version 1.7.1 and IntelR MC before version 2.3.2 may allow an authenticated user to potentially enable escalation of privilege via network access...

8.8CVSS7.2AI score0.00296EPSS
Exploits0References1
NVD
NVDadded 2026/01/02 10:15 p.m.2 views

CVE-2025-64122

Insufficiently Protected Credentials vulnerability in Nuvation Energy Multi-Stack Controller MSC allows Signature Spoofing by Key Theft.This issue affects Multi-Stack Controller MSC: through 2.5.1...

7.2CVSS0.00014EPSS
Exploits0References1
CNNVD
CNNVDadded 2026/01/02 12:0 a.m.4 views

Nuvation Energy Multi-Stack Controller 安全漏洞

The Nuvation Energy Multi-Stack Controller is a control unit in a battery management system from Nuvation Energy, Inc. A security vulnerability exists in Nuvation Energy Multi-Stack Controller version 2.5.1 and prior versions, which stems from insufficient credential protection and could lead to...

7.2CVSS6.3AI score0.00014EPSS
Exploits0References2
CNNVD
CNNVDadded 2025/12/12 12:0 a.m.3 views

Apache Fineract 安全漏洞

Apache Fineract is a set of open source digital financial services platform from the U.S. Apache Apache Foundation. The platform can provide users with data management, loan and savings portfolio management and real-time financial data and other functions. Apache Fineract suffers from an...

9.1CVSS5.9AI score0.00097EPSS
Exploits0References2
CNNVD
CNNVDadded 2025/11/17 12:0 a.m.1 views

Digiwin EasyFlow GP 安全漏洞

Digiwin EasyFlow GP is an enterprise process management system from Digiwin Taiwan, China. A security vulnerability exists in Digiwin EasyFlow GP, which stems from insufficient credential protection and could allow a privileged remote attacker to gain access to plaintext database credentials...

6.9CVSS6.9AI score0.00054EPSS
Exploits0References2
RedHat Linux
RedHat Linuxadded 2025/10/22 1:21 p.m.6 views

Important: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update

An update is now available for Red Hat Ansible Automation Platform 2.5 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

8.7CVSS6.6AI score0.00043EPSS
Exploits0References4
EUVD
EUVDadded 2025/10/07 12:30 a.m.4 views

EUVD-2014-4694

Malware in sbrugna...

5CVSS6.4AI score0.00225EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2016-9226

Malware in sbrugna...

9.8CVSS9.5AI score0.00499EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.4 views

EUVD-2015-8960

Malware in sbrugna...

9.8CVSS9.5AI score0.01665EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2024-19427

Malicious code in bioql PyPI...

9.1CVSS9AI score0.00098EPSS
Exploits0References2
Rows per page
Query Builder