Lucene search
+L

46 matches found

nvd
nvd
added 2025/07/25 4:15 p.m.10 views

CVE-2025-45466

Unitree Go1 = Go120220511 is vulnerale to Incorrect Access Control due to authentication credentials being hardcoded in plaintext...

8.8CVSS0.00586EPSS
Exploits2References2
redhatcve
redhatcve
added 2025/02/06 1:51 a.m.9 views

CVE-2022-43958

A vulnerability has been identified in QMS Automotive All versions V12.39, QMS Automotive All versions V12.39. User credentials are stored in plaintext in the database without any hashing mechanism. This could allow an attacker to gain access to credentials and impersonate other users...

9.1CVSS6.6AI score0.00317EPSS
Exploits0References1
cnnvd
cnnvd
added 2025/01/28 12:0 a.m.4 views

HMS EWON FLEXY 202 安全漏洞

HMS EWON FLEXY 202 is a multi-purpose IIoT data gateway from HMS Sweden. Allows machine builders and users to monitor and collect important KPIs for analysis and predictive maintenance. A security vulnerability exists in the HMS EWON FLEXY 202 that stems from transmitting user credentials in...

6.9CVSS6.7AI score0.0014EPSS
Exploits0References4
osv
osv
added 2024/11/13 1:39 p.m.8 views

CVE-2022-45157 Exposure of vSphere's CPI and CSI credentials in Rancher

A vulnerability has been identified in the way that Rancher stores vSphere's CPI Cloud Provider Interface and CSI Container Storage Interface credentials used to deploy clusters through the vSphere cloud provider. This issue leads to the vSphere CPI and CSI passwords being stored in a plaintext...

8.5CVSS6.9AI score0.00438EPSS
Exploits0References4
osv
osv
added 2024/08/15 3:15 a.m.4 views

CVE-2024-25024

IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 281430...

5.5CVSS5.8AI score0.0012EPSS
Exploits0References2
osv
osv
added 2024/07/17 2:41 p.m.7 views

CVE-2024-6833 Zowe CLI Auto-Init Leaks Credentials Locally

A vulnerability in Zowe CLI allows local, privileged actors to store previously entered secure credentials in a plaintext file as part of an auto-init operation...

5.9CVSS5.9AI score0.00141EPSS
Exploits0References3
cvelist
cvelist
added 2024/06/07 2:23 p.m.30 views

CVE-2024-36790

Netgear WNR614 JNR1010V2/N300-V1.1.0.541.0.1 was discovered to store credentials in plaintext...

0.00347EPSS
Exploits1References1
ptsecurity
ptsecurity
added 2024/01/17 12:0 a.m.8 views

PT-2024-14279 · Skyworth · Skyworth Router Cm5100

Name of the Vulnerable Software and Affected Versions: Skyworth Router CM5100 version 4.1.1.24 Description: This issue exists due to the transmission of authentication credentials in plaintext over the network. A remote attacker could exploit this by eavesdropping on the victim’s network traffic ...

7.5CVSS7.5AI score0.00372EPSS
Exploits0References4
prion
prion
added 2023/10/25 6:17 p.m.12 views

Default credentials

EisBaer Scada - CWE-256: Plaintext Storage of a Password...

7.5CVSS9.4AI score0.00425EPSS
Exploits0References1Affected Software1
vulnrichment
vulnrichment
added 2023/09/12 9:32 a.m.10 views

CVE-2023-40724

A vulnerability has been identified in QMS Automotive All versions V12.39. User credentials are found in memory as plaintext. An attacker could perform a memory dump, and get access to credentials, and use it for impersonation...

7.3CVSS7AI score0.0012EPSS
Exploits0References1
susecve
susecve
added 2023/02/15 4:40 a.m.3 views

SUSE CVE-2017-13771

Lexmark Scan To Network SNF 3.2.9 and earlier stores network configuration credentials in plaintext and transmits them in requests, which allows remote attackers to obtain sensitive information via requests to 1 cgi-bin/direct/printer/prtappauth/apps/snfDestServlet or 2...

9.8CVSS6.7AI score0.03358EPSS
Exploits3References3
cnnvd
cnnvd
added 2022/08/18 12:0 a.m.8 views

Qualys Cloud Agent 日志信息泄露漏洞

Qualys Cloud Agent is a lightweight application from Qualys USA, Inc. A single agent for real-time, global visibility and response. A log message disclosure vulnerability exists in Qualys Cloud Agent version 4.8.0-49 that originates from accidentally writing credentials from environment variables...

5.5CVSS6.4AI score0.00369EPSS
Exploits0References6
ptsecurity
ptsecurity
added 2022/08/16 12:0 a.m.7 views

PT-2022-23303 · Airspan · Airspan Airvelocity 1500

Name of the Vulnerable Software and Affected Versions: Airspan AirVelocity 1500 versions prior to 15.18.00.2511 Description: The web management UI of the affected software displays SNMP credentials in plaintext and stores SNMPv3 credentials unhashed on the filesystem. This allows anyone with web...

9.1CVSS9.2AI score0.00621EPSS
Exploits0References4
osv
osv
added 2022/07/06 9:15 p.m.5 views

CVE-2022-27548

HCL Launch stores user credentials in plain clear text which can be read by a local user...

5.5CVSS6.1AI score0.0047EPSS
Exploits0References1
cnnvd
cnnvd
added 2022/07/06 12:0 a.m.8 views

HCL Technologies HCL Launch 安全漏洞

HCL Technologies HCL Launch is a versatile, enterprise-grade continuous delivery automation software from HCL Technologies, India. for handling the most complex deployment processes in DevOps. HCL Technologies HCL Launch suffers from an information disclosure vulnerability that stems from storing...

5.5CVSS5.6AI score0.0047EPSS
Exploits0References2
cnvd
cnvd
added 2020/09/18 12:0 a.m.10 views

CloudBees Jenkins DeployHub Plugin Information Disclosure Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . DeployHub Plugin is used in which an...

4.3CVSS6.2AI score0.0064EPSS
Exploits0References1
cnvd
cnvd
added 2020/03/17 12:0 a.m.5 views

Lenovo XClarity Administrator Information Disclosure Vulnerability (CNVD-2020-19571)

Lenovo XClarity Administrator LXCA is a centralized resource management solution from Lenovo, China. The product is capable of providing agentless hardware management for servers, storage, network switches, and more. A security vulnerability exists in Lenovo LXCA version 2.6.0, which originated...

7.9CVSS6.8AI score0.00306EPSS
Exploits0
cnvd
cnvd
added 2019/10/08 12:0 a.m.4 views

Unspecified Vulnerability in CloudBees Jenkins Google Calendar Plugin

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Google Calendar Plugin is used in one of the...

6.5CVSS6.9AI score0.01001EPSS
Exploits0References1
osv
osv
added 2019/10/01 2:15 p.m.3 views

CVE-2019-10435

Jenkins SourceGear Vault Plugin transmits configured credentials in plain text as part of job configuration forms, potentially resulting in their exposure...

7.5CVSS7.1AI score
Exploits0References2
osv
osv
added 2019/09/25 4:15 p.m.4 views

CVE-2019-10421

Jenkins Azure Event Grid Build Notifier Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

4.3CVSS5.8AI score0.00812EPSS
Exploits0References2
Rows per page
Query Builder