Check CVE Id
Check CWE Id
WordPress Social-Stream 1.6.0 Twitter API Secret Disclosure
Sophos Web Appliance 220.127.116.11 Privilege Escalation
Password Safe And Repository Enterprise 7.4.4 Build 2247 Crypto Issues
Netop Remote Control 11.52 / 12.11 Credential Issue
PicsArt Photo Studio For Android Insecure Management
Fundacion Dr. Manuel S...
Privoxy 3.0.20-1 Proxy Authentication Credential Exposure
Chris John Riley
CVEMAP Search Results
Password autocomplete vulnerability in the web application password field of Hitachi ABB Power Grids eSOMS allows attacker to gain access to user credentials that are stored by the browser. This issue affects: Hitachi ABB Power Grids eSOMS version 6.3 and prior versions.
Kaseya VSA before 9.5.7 allows credential disclosure, as exploited in the wild in July 2021.
IBM Guardium Data Encryption (GDE) 18.104.22.168 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 196217.
There is a Credentials Management Errors Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality.
There is a Credentials Management Errors Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may induce users to grant permissions on modifying items in the configuration table,causing system exceptions.
User credentials stored in a recoverable format within Fidelis Network and Deception CommandPost. In the event that an attacker gains access to the CommandPost, these values could be decoded and used to login to the application. The vulnerability is present in Fidelis Network and Deception versions prior to 9.3.3. This vulnerability has been addressed in version 9.3.3 and subsequent versions.
D-Link DIR-2640-US 1.01B04 is affected by Insufficiently Protected Credentials. D-Link AC2600(DIR-2640) stores the device system account password in plain text. It does not use linux user management. In addition, the passwords of all devices are the same, and they cannot be modified by normal users. An attacker can easily log in to the target router through the serial port and obtain root privileges.
In Zoho ManageEngine Password Manager Pro before 11.1 build 11104, attackers are able to retrieve credentials via a browser extension for non-website resource types.
TP-Link's TL-WPA4220 4.0.2 Build 20180308 Rel.37064 username and password are sent via the cookie.
Back to Top