PT-2026-31694

Name of the Vulnerable Software and Affected Versions OpenPLC V3 affected versions not specified Description OpenPLC V3 is susceptible to a flaw involving the storage of passwords in plaintext. This could allow an attacker to obtain credentials and access sensitive information. Recommendations At...

EUVD-2025-206310

Insufficiently Protected Credentials vulnerability in the Credential Field of Milner ImageDirector Capture allows retrieval of credential material and enables database access.This issue affects ImageDirector Capture: from 7.0.9 through 7.6.3.25808...

CVE-2025-58741

Insufficiently Protected Credentials vulnerability in the Credential Field of Milner ImageDirector Capture allows retrieval of credential material and enables database access.This issue affects ImageDirector Capture: from 7.0.9 through 7.6.3.25808...

CVE-2025-58741 Insecure Masked Credential Fields Enable Database Credential Access in Milner ImageDirector Capture

Insufficiently Protected Credentials vulnerability in the Credential Field of Milner ImageDirector Capture allows retrieval of credential material and enables database access.This issue affects ImageDirector Capture: from 7.0.9 through 7.6.3.25808...

CVE-2021-31857

In Zoho ManageEngine Password Manager Pro before 11.1 build 11104, attackers are able to retrieve credentials via a browser extension for non-website resource types...

CVE-2025-59379

DwyerOmega Isensix Advanced Remote Monitoring System ARMS 1.5.7 allows an attacker to retrieve sensitive information from the underlying SQL database via Blind SQL Injection through the user parameter in the login page. This allows an attacker to steal credentials, which may be cleartext, from...

CVE-2025-9982

CVE-2025-9982 affects QuickCMS 6.8. The vulnerability is due to sensitive admin credentials hardcoded in a plaintext configuration file, allowing attackers with access to the source code or server filesystem to retrieve credentials and potentially escalate privileges. Only version 6.8 was tested ...

EUVD-2019-7961

Malware in sbrugna...

EUVD-2017-17037

Malware in sbrugna...

EUVD-2018-8075

Malware in sbrugna...

EUVD-2021-18732

Malware in sbrugna...

EUVD-2025-5470

Malicious code in bioql PyPI...

CVE-2025-26437

The CVE-2025-26437 issue is described across multiple sources as a missing privilege check in CredentialManagerServiceStub (CredentialManagerService.java), enabling local information disclosure by retrieving candidate credentials without requiring extra privileges. Exploitation is possible withou...

CVE-2025-43485

A potential security vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.2. The vulnerability could potentially allow a privileged user to retrieve credentials from the log files. HP has addressed the issue in the latest software update...

CVE-2025-43485 Poly Clariti Manager - Multiple Security Vulnerabilities

A potential security vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.2. The vulnerability could potentially allow a privileged user to retrieve credentials from the log files. HP has addressed the issue in the latest software update...

CVE-2025-43485 Poly Clariti Manager - Multiple Security Vulnerabilities

A potential security vulnerability has been identified in the Poly Clariti Manager for versions prior to 10.12.2. The vulnerability could potentially allow a privileged user to retrieve credentials from the log files. HP has addressed the issue in the latest software update...

CVE-2025-49653

Exposure of sensitive data in active sessions in Lablup's BackendAI allows attackers to retrieve credentials for users on the management platform...

ASB-A-370477460

In CredentialManagerServiceStub of CredentialManagerService.java, there is a possible way to retrieve candidate credentials due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...

CVE-2019-17655

A cleartext storage in a file or on disk CWE-313 vulnerability in FortiOS SSL VPN 6.2.0 through 6.2.2, 6.0.9 and earlier and FortiProxy 2.0.0, 1.2.9 and earlier may allow an attacker to retrieve a logged-in SSL VPN user's credentials should that attacker be able to read the session file stored on...

CVE-2025-31362

Use of hard-coded cryptographic key issue exists in BizRobo! all versions. Credentials inside robot files may be obtained if the encryption key is available. The vendor provides the workaround information and recommends to apply it to the deployment environment...