Lucene search
+L

152 matches found

Vulnrichment
Vulnrichment
added 2023/04/25 6:45 p.m.10 views

CVE-2023-28090

An HPE OneView appliance dump may expose SNMPv3 read credentials...

5.5AI score0.0017EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2023/03/08 12:30 p.m.26 views

Easy!Appointments uses hard-coded credentials

Use of Hard-coded Credentials in GitHub repository alextselegidis/easyappointments 1.4.3 and prior. A patch is available and anticipated to be part of version 1.5.0...

9.8CVSS9AI score0.00743EPSS
Exploits1References4Affected Software1
Prion
Prion
added 2023/01/30 11:15 p.m.23 views

Design/Logic Flaw

A CWE-522: Insufficiently Protected Credentials vulnerability exists that could result in unwanted access to a DCE instance when performed over a network by a malicious third-party. This CVE is unique from CVE-2022-32518. Affected Products: Data Center Expert Versions prior to V7.9.0...

7.5CVSS9.2AI score0.00532EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/01/24 12:0 a.m.5 views

CVE-2023-24425

Jenkins Kubernetes Credentials Provider Plugin 1.208.v128ee9800c04 and earlier does not set the appropriate context for Kubernetes credentials lookup, allowing attackers with Item/Configure permission to access and potentially capture Kubernetes credentials they are not entitled to...

7AI score0.00821EPSS
Exploits0References1
NVD
NVD
added 2022/12/13 10:15 p.m.47 views

CVE-2022-41653

Daikin SVMPC1 version 2.1.22 and prior and SVMPC2 version 1.2.3 and prior are vulnerable to an attacker obtaining user login credentials and control the system...

9.8CVSS0.00697EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/12/05 9:29 p.m.51 views

CVE-2022-40242 MegaRAC Default Credentials Vulnerability

MegaRAC Default Credentials Vulnerability...

7.5CVSS9.7AI score0.00655EPSS
Exploits0References1
Prion
Prion
added 2022/10/17 4:15 p.m.24 views

Code injection

Insufficiently Protected Credentials: An authenticated user with debug privileges can retrieve stored Nessus policy credentials from the “nessusd” process in cleartext via process dumping. The affected products are all versions of Nessus Essentials and Professional. The vulnerability allows an...

4CVSS6.3AI score0.00644EPSS
Exploits1References1
OSV
OSV
added 2022/09/07 9:15 a.m.14 views

CVE-2021-36783

A Insufficiently Protected Credentials vulnerability in SUSE Rancher allows authenticated Cluster Owners, Cluster Members, Project Owners and Project Members to read credentials, passwords and API tokens that have been stored in cleartext and exposed via API endpoints. This issue affects: SUSE...

9.9CVSS6.4AI score
Exploits0References2
Cvelist
Cvelist
added 2022/09/07 8:20 a.m.25 views

CVE-2021-36783 Rancher: Failure to properly sanitize credentials in cluster template answers

A Insufficiently Protected Credentials vulnerability in SUSE Rancher allows authenticated Cluster Owners, Cluster Members, Project Owners and Project Members to read credentials, passwords and API tokens that have been stored in cleartext and exposed via API endpoints. This issue affects: SUSE...

9.9CVSS9.4AI score0.00671EPSS
Exploits0References2
NVD
NVD
added 2022/09/02 6:15 p.m.17 views

CVE-2022-34371

Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.3, contain an unprotected transport of credentials vulnerability. A malicious unprivileged network attacker could potentially exploit this vulnerability, leading to full system compromise...

9.8CVSS0.00566EPSS
Exploits0References1
Prion
Prion
added 2022/06/02 2:15 p.m.30 views

Design/Logic Flaw

A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number...

4.3CVSS7.2AI score0.03425EPSS
Exploits1References7Affected Software3
OSV
OSV
added 2022/05/13 1:18 a.m.17 views

GHSA-CVH8-9J4X-5V4J Jenkins Artifactory Plugin stored old directly entered credentials unencrypted on disk

An insufficiently protected credentials vulnerability exists in Jenkins Artifactory Plugin 2.16.1 and earlier in ArtifactoryBuilder.java, CredentialsConfig.java that allows attackers with local file system access to obtain old credentials configured for the plugin before it integrated with...

7.8CVSS7.4AI score0.00333EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2022/04/27 6:0 a.m.48 views

CVE-2022-27774

An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTPS redirects is used with authentication could leak credentials to other services that exist on different protocols ...

5.7CVSS6.8AI score0.01595EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/02/11 12:0 a.m.5 views

Schneider Electric Conext™ComBox 安全漏洞

The Schneider Electric Conext ComBox is a powerful communication and monitoring device from Schneider Electric France. A security vulnerability exists in the Schneider Electric Conext™ ComBox that stems from the presence of an insufficiently protected credentials vulnerability that could result i...

7.5CVSS7.3AI score0.00904EPSS
Exploits0References1
OSV
OSV
added 2022/02/09 11:15 p.m.4 views

CVE-2021-33107

Insufficiently protected credentials in USB provisioning for IntelR AMT SDK before version 16.0.3, IntelR SCS before version 12.2 and IntelR MEBx before versions 11.0.0.0012, 12.0.0.0011, 14.0.0.0004 and 15.0.0.0004 may allow an unauthenticated user to potentially enable information disclosure vi...

4.6CVSS5.8AI score0.00251EPSS
Exploits0References2
CVE
CVE
added 2022/01/24 8:10 p.m.152 views

CVE-2022-22554

Dell EMC System Update, version 1.9.2 and earlier, contains an Unprotected Storage of Credentials vulnerability. A local attacker with user privileges could potentially disclose user passwords. The affected component is the Dell EMC System Update application; the root cause is unprotected storage...

8.2CVSS5.3AI score0.002EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/01/24 8:10 p.m.13 views

CVE-2022-22554

Dell EMC System Update, version 1.9.2 and prior, contain an Unprotected Storage of Credentials vulnerability. A local attacker with user privleges could potentially exploit this vulnerability leading to the disclosure of user passwords...

8.2CVSS8.1AI score0.002EPSS
Exploits0References1
OSV
OSV
added 2022/01/24 4:15 p.m.3 views

CVE-2021-41472

SQL injection vulnerability in Sourcecodester Simple Membership System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username and password parameters...

9.8CVSS6.1AI score0.01254EPSS
Exploits1References1
CVE
CVE
added 2022/01/17 9:10 a.m.63 views

CVE-2022-0184

The CVE-2022-0184 issue affects KING JIM’s TEPRA PRO SR5900P and SR-R7900P label printers (SR5900P ≤1.080; SR-R7900P ≤1.030). The vulnerability is an insufficiently protected credentials flaw that could allow an attacker on an adjacent network to obtain credentials used to connect to the device’s...

4.3CVSS4.5AI score0.00342EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/12/24 6:30 a.m.18 views

CVE-2021-20826

Unprotected transport of credentials vulnerability in IDEC PLCs FC6A Series MICROSmart All-in-One CPU module v2.32 and earlier, FC6A Series MICROSmart Plus CPU module v1.91 and earlier, WindLDR v8.19.1 and earlier, WindEDIT Lite v1.3.1 and earlier, and Data File Manager v2.12.1 and earlier allows...

7.5AI score0.0039EPSS
Exploits0References2
Rows per page
Query Builder