Weaknesses of type CWE-312
407 resultsCVE-2022-28214—During an update of SAP BusinessObjects Enterprise, Central Management Server (CMS) - versions 420, 430, authentication credentials are beinEPSS 0.2%CVE-2026-6553HIGHTYPO3 CMS Stores Cleartext Password in User Settings ModuleEPSS 0.2%CVE-2025-70050MEDIUMAn issue pertaining to CWE-312: Cleartext Storage of Sensitive Information was discovered in lesspass lesspass v9.6.9 which allows attackersEPSS 0.2%CVE-2021-38422HIGHDelta Electronics DIALinkEPSS 0.2%CVE-2025-14377HIGHVerve Asset Manager – Plaintext Storage VulnerabilitiesEPSS 0.2%CVE-2018-16498—In Versa Director, the unencrypted backup files stored on the Versa deployment contain credentials stored within configuration files. These EPSS 0.2%CVE-2025-46820HIGHphpgt/Dom exposes the GITHUB_TOKEN in Dom workflow run artifactEPSS 0.2%CVE-2023-37468MEDIUMStoring unencrypted LDAP passwords in feedbacksystemEPSS 0.2%CVE-2026-3277MEDIUMThe OpenID Connect (OIDC) authentication configuration in PowerShell
Universal before 2026.1.3 stores the OIDC client secret in cleartext iEPSS 0.2%CVE-2026-7163MEDIUMAssisted-service: assisted-service: authenticated users can gain administrative access to openshift clusters via credential disclosureEPSS 0.2%CVE-2025-59701MEDIUMEntrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker (with elevated privEPSS 0.2%CVE-2024-45718MEDIUMSensitive data disclosure vulnerabilityEPSS 0.2%CVE-2026-3221MEDIUMSensitive
user account information is not encrypted in the database in Devolutions Server 2025.3.14 and earlier, which allows an attacker wEPSS 0.2%CVE-2024-53651MEDIUMA vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions), SIPROTEC 5 6MD85 (CP200) (All versions), SIPROTEC 5 6MD85 (CEPSS 0.2%CVE-2025-67637MEDIUMJenkins 2.540 and earlier, LTS 2.528.2 and earlier stores build authorization tokens unencrypted in job config.xml files on the Jenkins contEPSS 0.2%CVE-2026-33867CRITICALAVideo has Plaintext Video Password StorageEPSS 0.2%CVE-2024-41691HIGHInsecure Storage of Sensitive Information VulnerabilityEPSS 0.2%CVE-2023-40715MEDIUMA cleartext storage of sensitive information vulnerability [CWE-312] in FortiTester 2.3.0 through 7.2.3 may allow an attacker with access toEPSS 0.2%CVE-2026-6598MEDIUMlangflow-ai langflow Project Creation Endpoint projects.py encrypt_auth_settings cleartext storage in fileEPSS 0.2%CVE-2023-29471MEDIUMLightbend Alpakka Kafka before 5.0.0 logs its configuration as debug information, and thus log files may contain credentials (if plain clearEPSS 0.2%