Weaknesses of type CWE-312
407 resultsCVE-2023-41964MEDIUMBIG-IP and BIG-IQ Database Variable vulnerabilityEPSS 0.2%CVE-2025-2120LOWThinkware Car Dashcam F800 Pro Configuration File hostapd.conf cleartext storage in a file or on diskEPSS 0.2%CVE-2022-47512MEDIUMSensitive Data Disclosure VulnerabilityEPSS 0.2%CVE-2018-19009—Pilz PNOZmulti Configurator prior to version 10.9 allows an authenticated attacker with local access to the system containing the PNOZmulti EPSS 0.2%CVE-2024-33470MEDIUMAn issue in the SMTP Email Settings of AVTECH Room Alert 4E v4.4.0 allows attackers to gain access to credentials in plaintext via a passbacEPSS 0.2%CVE-2024-6921HIGHCleartext Username and Password in NAC Telecommunication's NACPremiumEPSS 0.2%CVE-2025-54537MEDIUMIn JetBrains TeamCity before 2025.07 user credentials were stored in plain text in memory snapshotsEPSS 0.2%CVE-2025-54538MEDIUMIn JetBrains TeamCity before 2025.07 password exposure was possible via command line in the "hg pull" commandEPSS 0.2%CVE-2019-14890HIGHA vulnerability was found in Ansible Tower before 3.6.1 where an attacker with low privilege could retrieve usernames and passwords credentiEPSS 0.2%CVE-2025-25613HIGHFS Inc S3150-8T2F 8-Port Gigabit Ethernet L2+ Switch, 8 x Gigabit RJ45, with 2 x 1Gb SFP, Fanless. All versions before 2.2.0D Build 135103 wEPSS 0.2%CVE-2026-33512HIGHAVideo has an unauthenticated decrypt oracle leaking any ciphertextEPSS 0.2%CVE-2024-28065MEDIUMIn Unify CP IP Phone firmware 1.10.4.3, files are not encrypted and contain sensitive information such as the root password hash.EPSS 0.2%CVE-2023-24442MEDIUMJenkins GitHub Pull Request Coverage Status Plugin 2.2.0 and earlier stores the GitHub Personal Access Token, Sonar access token and Sonar pEPSS 0.2%CVE-2025-46633HIGHCleartext transmission of sensitive information in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an attacker to decrypt EPSS 0.2%CVE-2025-62261MEDIUMLiferay Portal 7.4.0 through 7.4.3.99, and older unsupported versions, and Liferay DXP 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92EPSS 0.2%CVE-2024-9798MEDIUMHealth endpoint offers list of onboarded services to unauthenticated usersEPSS 0.2%CVE-2024-21993MEDIUMInformation Disclosure Vulnerability in SnapCenterEPSS 0.2%CVE-2025-55443CRITICALTelpo MDM 1.4.6 thru 1.4.9 for Android contains sensitive administrator credentials and MQTT server connection details (IP/port) that are stEPSS 0.2%CVE-2026-43992CRITICALJunoClaw: MCP write tools exposed raw BIP-39 mnemonic as a tool-call parameterEPSS 0.2%CVE-2025-49728MEDIUMMicrosoft PC Manager Security Feature Bypass VulnerabilityEPSS 0.2%