CVE-2025-41718 Murrelektronik: Unprotected Transport of Credentials

A cleartext transmission of sensitive information vulnerability in the affected products allows an unauthorized remote attacker to gain login credentials and access the Web-UI...

EUVD-2003-1578

Malware in sbrugna...

EUVD-2001-0972

Malware in sbrugna...

CVE-2025-44251

Ecovacs Deebot T10 1.7.2 transmits Wi-Fi credentials in cleartext during the pairing process...

CVE-2023-24619

Redpanda before 22.3.12 discloses cleartext AWS credentials. The import functionality in the rpk binary logs an AWS Access Key ID and Secret in cleartext to standard output, allowing a local user to view the key in the console, or in Kubernetes logs if stdout output is collected. The fixed versio...

CVE-2013-3585

Samsung Web Viewer for Samsung DVR devices stores credentials in cleartext, which allows context-dependent attackers to obtain sensitive information via vectors involving 1 direct access to a file or 2 the user-setup web page...

PT-2025-16923 · Veritas +1 · Arctera/Veritas Data Insight +1

Name of the Vulnerable Software and Affected Versions: Arctera/Veritas Data Insight versions prior to 7.1.2 Description: The issue concerns the transmission of cleartext credentials when Arctera/Veritas Data Insight is configured to use HTTP Basic Authentication to a Dell Isilon OneFS server...

Linux Distros Unpatched Vulnerability : CVE-2018-1074

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ovirt-engine API and administration web portal before versions 4.2.2.5, 4.1.11.2 is vulnerable to an exposure of Power Management credentials, including clearte...

CVE-2024-28275

Puwell Cloud Tech Co, Ltd 360Eyes Pro v3.9.5.163090516 was discovered to transmit sensitive information in cleartext. This vulnerability allows attackers to intercept and access sensitive information, including users' credentials and password change requests...

PT-2023-18569 · Danfoss · Danfoss Ak-Em100

Name of the Vulnerable Software and Affected Versions: Danfoss AK-EM100 affected versions not specified Description: The issue concerns the storage of login credentials in cleartext. This means that the credentials are not encrypted, potentially allowing unauthorized access. No information is...

DEBIAN-CVE-2022-31085

LDAP Account Manager LAM is a webfrontend for managing entries e.g. users, groups, DHCP settings stored in an LDAP directory. In versions prior to 8.0 the session files include the LDAP user name and password in clear text if the PHP OpenSSL extension is not installed or encryption is disabled by...

CVE-2020-11924

An issue was discovered in WiZ Colors A60 1.14.0. Wi-Fi credentials are stored in cleartext in flash memory, which presents an information-disclosure risk for a discarded or resold device...

CVE-2019-13100

The Send Anywhere application 9.4.18 for Android stores confidential information insecurely on the system i.e., in cleartext, which allows a non-root user to find out the username/password of a valid user via /data/data/com.estmob.android.sendanywhere/sharedprefs/sendanywheredevice.xml...

CVE-2019-13099

The Momo application 2.1.9 for Android stores confidential information insecurely on the system i.e., in cleartext, which allows a non-root user to find out the username/password of a valid user and a user's access token via Logcat...

CVE-2013-4114

The automatic update request in Nagstamont before 0.9.10 uses a cleartext base64 format for transmission of a username and password, which allows remote attackers to obtain sensitive information by sniffing the network...

CVE-2001-0990

Inter7 vpopmail 4.10.35 and earlier, when using the MySQL module, compiles authentication information in cleartext into the libvpopmail.a library, which allows local users to obtain the MySQL username and password by inspecting the vpopmail programs that use the library...