Home
Bugtraq
Full List
Only Bugs
Only Tricks
Only Exploits
Only Dorks
Only CVE
Only CWE
Fake Notes
Ranking
CVEMAP
Full List
Show Vendors
Show Products
CWE Dictionary
Check CVE Id
Check CWE Id
Search
Bugtraq
CVEMAP
By author
CVE Id
CWE Id
By vendors
By products
RSS
Bugtraq
CVEMAP
CVE Products
Bugs
Exploits
Dorks
More
cIFrex
Facebook
Twitter
Donate
About
Submit
CWE
:
Topic
Date
Author
High
SmartFoxServer 2X 2.17.0 Credential Disclosure
08.02.2021
LiquidWorm
Med.
URVE Software Build 24.03.2020 Information Disclosure
30.12.2020
Erik Steltzner
High
Brickcom 100ap Series Authentication Bypass / CSRF
13.06.2013
Eliezer Varade Lopez
CVEMAP Search Results
CVE
Details
Description
2022-05-11
Medium
CVE-2022-28214
Vendor:
SAP
Software:
Businessobje...
2022-05-09
Low
CVE-2022-28162
Vendor:
Broadcom
Software:
Sannav
Brocade SANnav before version SANnav 2.2.0 logs the REST API Authentication token in plain text.
2022-04-19
Low
CVE-2021-39078
Updating...
IBM Security Guardium 10.5 stores user credentials in plain clear text which can be read by a local privileged user. IBM X-Force ID: 215589.
2022-04-11
Low
CVE-2022-0835
Vendor:
Aveva
Software:
System platform
AVEVA System Platform 2020 stores sensitive information in cleartext, which may allow access to an attacker or a low-privileged user.
2022-04-01
Medium
CVE-2022-25158
Updating...
Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric MELSEC iQ-F series FX5U(C) CPU all versions and Mitsubishi Electric MELSEC iQ-F series FX5UJ CPU all versions allows a remote attacker to disclose or tamper with a file in which password hash is saved in cleartext.
Low
CVE-2022-25160
Updating...
Cleartext Storage of Sensitive Information vulnerability in Mitsubishi Electric MELSEC iQ-F series FX5U(C) CPU all versions and Mitsubishi Electric MELSEC iQ-F series FX5UJ CPU all versions allows a remote unauthenticated attacker to disclose a file in a legitimate user's product by using previously eavesdropped cleartext information and to counterfeit a legitimate user's system.
2022-03-28
Low
CVE-2021-45491
Vendor:
3CX
Software:
3CX
3CX System through 2022-03-17 stores cleartext passwords in a database.
2022-03-21
Medium
CVE-2022-26148
Vendor:
Grafana
Software:
Grafana
An issue was discovered in Grafana through 7.3.4, when integrated with Zabbix. The Zabbix password can be found in the api_jsonrpc.php HTML source code. When the user logs in and allows the user to register, one can right click to view the source code and use Ctrl-F to search for password in api_jsonrpc.php to discover the Zabbix account password and URL address.
2022-03-10
Low
CVE-2022-26778
Vendor:
Veritas
Software:
System recovery
Veritas System Recovery (VSR) 18 and 21 stores a network destination password in the Windows registry during configuration of the backup configuration. This could allow a Windows user (who has sufficient privileges) to access a network file system that they were not authorized to access.
2022-03-04
Low
CVE-2021-43590
Vendor:
DELL
Software:
Enterprise s...
Dell EMC Enterprise Storage Analytics for vRealize Operations, versions 4.0.1 to 6.2.1, contain a Plain-text password storage vulnerability. A local high privileged malicious user may potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.
Copyright
2022
, cxsecurity.com
Back to Top
