63 matches found
EUVD-2020-20703
Malware in sbrugna...
EUVD-2018-0234
Malware in sbrugna...
EUVD-2021-9933
Malicious code in bioql PyPI...
EUVD-2022-35591
Malicious code in bioql PyPI...
EUVD-2022-35589
Malicious code in bioql PyPI...
CVE-2023-27975
CWE-522: Insufficiently Protected Credentials vulnerability exists that could cause unauthorized access to the project file in EcoStruxure Control Expert when a local user tampers with the memory of the engineering workstation...
CVE-2020-28219
A CWE-522: Insufficiently Protected Credentials vulnerability exists in EcoStruxure Geo SCADA Expert 2019 Original release and Monthly Updates to September 2020, from 81.7268.1 to 81.7578.1 and EcoStruxure Geo SCADA Expert 2020 Original release and Monthly Updates to September 2020, from 83.7551....
CVE-2024-4228
CVE-2024-4228 affects Magarsus Consultancy SSO (Single Sign On) versions 1.0 before 1.1. The vulnerability arises from improper neutralization of special elements used in SQL commands, enabling SQL Injection. Impact is high: exposure of sensitive information, with insufficiently protected credent...
CVE-2023-27975
CVE-2023-27975 affects Schneider Electric EcoStruxure Control Expert, EcoStruxure Process Expert, and Modicon M340/M580 PLCs. Root cause: CWE-522 Insufficiently Protected Credentials allowing a local user to tamper memory and gain unauthorized access to a project file; CVSS v3.1 base score 7.1 (H...
CVE-2023-31187 Avaya IX Workforce Engagement - CWE-522: Insufficiently Protected Credentials
Avaya IX Workforce Engagement v15.2.7.1195 - CWE-522: Insufficiently Protected Credentials...
CVE-2023-31187
CVE-2023-31187 affects Avaya IX Workforce Engagement v15.2.7.1195. The underlying issue is CWE-522: Insufficiently Protected Credentials, leading to potential exposure of sensitive data. According to the sources, the vulnerability has a network attack vector with low complexity and low privileges...
CVE-2023-24506 Milesight NCR/Camera CWE-522: Insufficiently Protected Credentials
Milesight NCR/camera version 71.8.0.6-r5 exposes credentials through an unspecified request...
CVE-2022-45859
An insufficiently protected credentials vulnerability CWE-522 in FortiNAC-F 7.2.0, FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.8 and below, 8.8.0 all versions, 8.7.0 all versions may allow a local attacker with system access to retrieve users' passwords...
Design/Logic Flaw
An insufficiently protected credentials vulnerability CWE-522 in FortiNAC-F 7.2.0, FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.8 and below, 8.8.0 all versions, 8.7.0 all versions may allow a local attacker with system access to retrieve users' passwords...
CP Plus KVMS Pro
1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: CP Plus Equipment: KVMS Pro Vulnerability: Insufficiently Protected Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to retrieve sensitive credentials and control the...
FortiNAC - Weak password storage
An insufficiently protected credentials vulnerability CWE-522 in FortiNAC may allow an attacker with access to the database to perform attacks to recover the passwords...
CVE-2023-23463
Sunell DVR, latest version, Insufficiently Protected Credentials CWE-522 may be exposed through an unspecified request...
Design/Logic Flaw
Sunell DVR, latest version, Insufficiently Protected Credentials CWE-522 may be exposed through an unspecified request...
CVE-2023-24498 Netgear ProSAFE 24 Port 10/100 FS726TP - CWE-522: Insufficiently Protected Credentials.
An uspecified endpoint in the web server of the switch does not properly authenticate the user identity, and may allow downloading a config page with the password to the switch in clear text...
CVE-2023-23463
The CVE-2023-23463 entry concerns Sunell DVR, latest version, with a vulnerability labeled as Insufficiently Protected Credentials (CWE-522) that may be exposed through an unspecified request. This is a network‑driven issue (CVSSv3.1 base score 7.5, HIGH) with no detailed exploit path provided in...