CVE-2026-31850

Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 stores sensitive information, including administrative credentials and WiFi pre-shared keys, in plaintext within exported configuration backup files. These backup files can be obtained through legitimate functionality or other...

CVE-2026-31850 Plaintext Storage of Credentials in Configuration Backup in Nexxt Nebula 300+

Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 stores sensitive information, including administrative credentials and WiFi pre-shared keys, in plaintext within exported configuration backup files. These backup files can be obtained through legitimate functionality or other...

Weintek cMT 安全漏洞

Weintek cMT is a human-computer interface application developed by Weintek Corporation. Version 2.1.53 of Weintek cMT contains a security vulnerability, which stems from the uactemp.db component storing credentials in plaintext...

CVE-2024-55027

Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to stroe credentials in plaintext in the component uactemp.db...

Johnson Controls Frick Controls Quantum HD 安全漏洞

Johnson Controls Frick Controls Quantum HD is a high-end microprocessor control panel designed specifically for industrial refrigeration systems by Johnson Controls. The version 10.22 and earlier of Johnson Controls Frick Controls Quantum HD contained a security vulnerability. This vulnerability...

CVE-2026-0767

Open WebUI Cleartext Transmission of Credentials Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Open WebUI. Authentication is not required to exploit this vulnerability. The specific flaw...

CVE-2025-67159

Vatilon v1.12.37-20240124 was discovered to transmit user credentials in plaintext...

PT-2026-1105

Name of the Vulnerable Software and Affected Versions Vatilon version 1.12.37-20240124 Description The software transmits user credentials in plaintext. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability...

CVE-2025-63364

Waveshare RS232/485 TO WIFI ETH B Serial to Ethernet/Wi-Fi Gateway Firmware V3.1.1.0: HW 4.3.2.1: Webpage V7.04T.07.002880.0301 was discovered to transmit Administrator credentials in plaintext...

CVE-2025-63364

Waveshare RS232/485 TO WIFI ETH B Serial to Ethernet/Wi-Fi Gateway Firmware V3.1.1.0: HW 4.3.2.1: Webpage V7.04T.07.002880.0301 was discovered to transmit Administrator credentials in plaintext...

EUVD-2014-6160

Malware in sbrugna...

EUVD-2002-1462

Malware in sbrugna...

EUVD-2017-1353

Malware in sbrugna...

CVE-2025-55280 Information Disclosure Vulnerability in ZKTeco WL20

This vulnerability exists in ZKTeco WL20 due to storage of Wi-Fi credentials, configuration data and system data in plaintext within the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and reverse engineer the binary data to access the...

JetBrains TeamCity 安全漏洞

JetBrains TeamCity is a Continuous Integration/Continuous Deployment CI/CD tool developed by JetBrains to automate the software build, test, and deployment process with support for multiple programming languages and tools. JetBrains TeamCity suffers from an information disclosure vulnerability th...

CVE-2025-45466

Unitree Go1 = Go120220511 is vulnerale to Incorrect Access Control due to authentication credentials being hardcoded in plaintext...

CVE-2022-43958

A vulnerability has been identified in QMS Automotive All versions V12.39, QMS Automotive All versions V12.39. User credentials are stored in plaintext in the database without any hashing mechanism. This could allow an attacker to gain access to credentials and impersonate other users...

HMS EWON FLEXY 202 安全漏洞

HMS EWON FLEXY 202 is a multi-purpose IIoT data gateway from HMS Sweden. Allows machine builders and users to monitor and collect important KPIs for analysis and predictive maintenance. A security vulnerability exists in the HMS EWON FLEXY 202 that stems from transmitting user credentials in...

CVE-2022-45157

A vulnerability has been identified in the way that Rancher stores vSphere's CPI Cloud Provider Interface and CSI Container Storage Interface credentials used to deploy clusters through the vSphere cloud provider. This issue leads to the vSphere CPI and CSI passwords being stored in a plaintext...

CVE-2024-25024

IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 281430...