CVE-2022-27217

Jenkins Vmware vRealize CodeStream Plugin 1.2 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system...

EUVD-2022-2336

Malicious code in bioql PyPI...

EUVD-2025-20839

Malicious code in bioql PyPI...

CVE-2025-53675

Jenkins Warrior Framework Plugin 1.2 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

CVE-2025-53675

Jenkins Warrior Framework Plugin 1.2 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

CVE-2023-24450

Jenkins view-cloner Plugin 1.1 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system...

CVE-2025-31725

Jenkins monitor-remote-job Plugin 1.0 stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system...

The vulnerability of the IBM Tivoli Workload Scheduler software lies in the fact that it stores passwords in an unencrypted form, allowing a malicious individual to exploit this to disclose protected information.

The vulnerability of the IBM Tivoli Workload Scheduler software lies in the storage of passwords in an unencrypted form. Exploiting this vulnerability could allow a hacker to disclose the protected information...

The vulnerability of ASUS RT-N12+ B1 router’s microprogramming software, related to the storage of passwords in an unencrypted form, allows a intruder to gain unauthorized access to protected information.

The vulnerability of ASUS RT-N12+ B1 router’s microprogramming software is related to deficiencies in the protection of registration data. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...

The vulnerability of the Rapid SCADA system, related to the storage of passwords in an unencrypted form, allows a intruder to gain unauthorized access to protected information.

The vulnerability of the SCADA system Rapid SCADA is related to the storage of passwords in an unencrypted form. Exploiting this vulnerability can allow a intruder to gain unauthorized access to protected information...

The vulnerability of the MODULYS GP (MOD3GP-SY-120K) web-based management application allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the MODULYS GP MOD3GP-SY-120K web-based management application relates to the storage of passwords in an unencrypted form. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...

CVE-2023-36140

In PHPJabbers Cleaning Business Software 1.0, there is no encryption on user passwords allowing an attacker to gain access to all user accounts...

The vulnerability of the application development environment for ISaGRAF programmable logic controllers allows attackers to access password information stored in an unencrypted form, thereby enabling them to compromise the protected data.

The vulnerability in the development environment for ISaGRAF Runtime Rockwell Automation applications relates to the storage of passwords in an unencrypted form. Exploiting this vulnerability could allow a hacker to disclose the protected information...

SUSE CVE-2017-1000113

The Deploy to container Plugin stored passwords unencrypted as part of its configuration. This allowed users with Jenkins master local file system access, or users with Extended Read access to the jobs it is used in, to retrieve those passwords. The Deploy to container Plugin now integrates with...

CVE-2022-45392

Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.143 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by attackers with Extended Read permission, or access to the Jenkins controller file system...

CVE-2022-45392

Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.143 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by attackers with Extended Read permission, or access to the Jenkins controller file system...

CVE-2022-3781

Dashlane password and Keepass Server password in My Account Settings are not encrypted in the database in Devolutions Remote Desktop Manager 2022.2.26 and prior versions and Devolutions Server 2022.3.1 and prior versions which allows database users to read the data. This issue affects : Remote...

CVE-2022-34806

Jenkins Jigomerge Plugin 0.9 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system...

CVE-2022-34199

Jenkins Convertigo Mobile Platform Plugin 1.1 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system...

The vulnerability of the serial interface converters NPort IA5150A/IA5250A, IA5450A lies in the storage of passwords in an unencrypted form, allowing attackers to gain unauthorized access to protected information.

The vulnerability of the serial interface converters NPort IA5150A/IA5250A, IA5450A lies in the storage of passwords in an unencrypted form. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...