Home
Bugtraq
Full List
Only Bugs
Only Tricks
Only Exploits
Only Dorks
Only CVE
Only CWE
Fake Notes
Ranking
CVEMAP
Full List
Show Vendors
Show Products
CWE Dictionary
Check CVE Id
Check CWE Id
Search
Bugtraq
CVEMAP
By author
CVE Id
CWE Id
By vendors
By products
RSS
Bugtraq
CVEMAP
CVE Products
Bugs
Exploits
Dorks
More
cIFrex
Facebook
Twitter
Donate
About
Submit
CWE
:
Topic
Date
Author
High
Canon PIXMA TR4550 1.020 / 1.080 Unencrypted Secret Storage
06.08.2023
Manuel Stotz
Med.
WordPress Social-Stream 1.6.0 Twitter API Secret Disclosure
28.05.2017
Kyle Lovett
Med.
Sophos Web Appliance 4.2.1.3 Privilege Escalation
05.11.2016
Matt Bergin
Med.
Password Safe And Repository Enterprise 7.4.4 Build 2247 Crypto Issues
13.10.2015
Matthias Deeg
Med.
Netop Remote Control 11.52 / 12.11 Credential Issue
25.08.2015
Matthias Deeg
Low
PicsArt Photo Studio For Android Insecure Management
07.11.2014
Fundacion Dr. Manuel S...
High
Privoxy 3.0.20-1 Proxy Authentication Credential Exposure
12.03.2013
Chris John Riley
CVEMAP Search Results
CVE
Details
Description
2024-10-22
CVE-2024-9677
Updating...
The insufficiently protected credentials vulnerability in the CLI command of the USG FLEX H series uOS firmware version V1.21 and earlier versions could allow an authenticated local attacker to gain privilege escalation by stealing the authentication token of a login administrator. Note that this attack could be successful only if the administrator has not logged out.
CVE-2024-43812
Updating...
Kieback & Peter's DDC4000 series has an insufficiently protected credentials vulnerability, which may allow an unauthenticated attacker with access to /etc/passwd to read the password hashes of all users on the system.
2024-10-20
CVE-2024-44000
Updating...
Insufficiently Protected Credentials vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Authentication Bypass.This issue affects LiteSpeed Cache: from n/a before 6.5.0.1.
2024-10-17
CVE-2024-7755
Updating...
The EWON FLEXY 202 transmits credentials using a weak encoding method base64. An attacker who is present in the network can sniff the traffic and decode the credentials.
CVE-2024-49396
Updating...
The affected product is vulnerable due to insufficiently protected credentials, which may allow an attacker to impersonate Elvaco and send false information.
2024-10-08
CVE-2024-47161
Updating...
In JetBrains TeamCity before 2024.07.3 password could be exposed via Sonar runner REST API
2024-09-22
CVE-2024-40703
Updating...
IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and IBM Cognos Analytics Reports for iOS 11.0.0.7 could allow a local attacker to obtain sensitive information in the form of an API key. An attacker could use this information to launch further attacks against affected applications.
2024-09-19
CVE-2024-47162
Updating...
In JetBrains YouTrack before 2024.3.44799 token could be revealed on Imports page
2024-09-05
CVE-2024-39278
Updating...
Credentials to access device configuration information stored unencrypted in flash memory. These credentials would allow read-only access to network configuration information and terminal configuration data.
2024-08-15
CVE-2024-40704
Updating...
IBM InfoSphere Information Server 11.7 could allow a privileged user to obtain sensitive information from authentication request headers. IBM X-Force ID: 298277.
Copyright
2024
, cxsecurity.com
Back to Top
