Weaknesses of type CWE-256
207 resultsCVE-2024-55026HIGHAn issue in the reset_pj.cgi endpoint of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to execute arbitrarEPSS 0.3%CVE-2024-4232MEDIUMPassword Storage in Plaintext Vulnerability in Digisol RouterEPSS 0.3%CVE-2024-3624HIGHMirror-registry: database user and password stored in plain-textEPSS 0.3%CVE-2024-3625HIGHMirror-registry: redis password stored in plain-textEPSS 0.3%CVE-2025-1709MEDIUMCVE-2025-1709EPSS 0.3%CVE-2025-2500CRITICALA vulnerability exists in the SOAP Web services of the Asset
Suite versions listed below. If successfully exploited, an attacker
could gaiEPSS 0.3%CVE-2021-47961HIGHA plaintext storage of a password vulnerability in Synology SSL VPN Client before 1.4.5-0684 allows remote attackers to access or influence EPSS 0.3%CVE-2025-61680MEDIUMMinecraft RCON Terminal: Plain Text Password Storage in ConfigurationEPSS 0.3%CVE-2026-6597MEDIUMlangflow-ai langflow Flow Using API core.py has_api_terms credentials storageEPSS 0.3%CVE-2022-43958HIGHA vulnerability has been identified in QMS Automotive (All versions < V12.39), QMS Automotive (All versions < V12.39). User credentials are EPSS 0.3%CVE-2025-13221MEDIUMIntelbras UnniTI usuarios.xml credentials storageEPSS 0.3%CVE-2025-53664MEDIUMJenkins Apica Loadtest Plugin 1.10 and earlier stores Apica Loadtest LTP authentication tokens unencrypted in job config.xml files on the JeEPSS 0.3%CVE-2025-53655MEDIUMJenkins Statistics Gatherer Plugin 2.0.3 and earlier does not mask the AWS Secret Key on the global configuration form, increasing the potenEPSS 0.3%CVE-2018-25396HIGHHeatmiser Wifi Thermostat 1.7 Credential Disclosure via networkSetup.htmEPSS 0.3%CVE-2018-7515—In Omron CX-Supervisor Versions 3.30 and prior, access of uninitialized pointer vulnerabilities can be exploited when CX Supervisor indirectEPSS 0.3%CVE-2023-4400MEDIUM
A password management vulnerability in Skyhigh Secure Web Gateway (SWG) in main releases 11.x prior to 11.2.14, 10.x prior to 10.2.25 and cEPSS 0.3%CVE-2026-35556CRITICALPlaintext storage of a password in OpenPLC_V3EPSS 0.3%CVE-2022-3261MEDIUMPlain-text passwords saved in /var/log/messagesEPSS 0.3%CVE-2025-53675MEDIUMJenkins Warrior Framework Plugin 1.2 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller, where they EPSS 0.3%CVE-2025-31724MEDIUMJenkins Cadence vManager Plugin 4.0.0-282.v5096a_c2db_275 and earlier stores Verisium Manager vAPI keys unencrypted in job config.xml files EPSS 0.3%