Weaknesses of type CWE-312
407 resultsCVE-2023-44159MEDIUMSensitive information disclosure due to cleartext storage of sensitive information. The following products are affected: Acronis Cyber ProteEPSS 0.4%CVE-2023-22949MEDIUMAn issue was discovered in TigerGraph Enterprise Free Edition 3.x. There is logging of user credentials. All authenticated GSQL access requeEPSS 0.4%CVE-2021-42066—SAP Business One - version 10.0, allows an admin user to view DB password in plain text over the network, which should otherwise be encrypteEPSS 0.4%CVE-2023-50957HIGHIBM Storage Defender - Resiliency Service privilege escalationEPSS 0.4%CVE-2023-29480HIGHRibose RNP before 0.16.3 sometimes lets secret keys remain unlocked after use.EPSS 0.4%CVE-2020-6980—Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versionsEPSS 0.4%CVE-2023-48700MEDIUMClear Text Credentials Exposed via Onboarding TaskEPSS 0.4%CVE-2022-38112HIGHSensitive Information Disclosure VulnerabilityEPSS 0.4%CVE-2020-8276—The implementation of Brave Desktop's privacy-preserving analytics system (P3A) between 1.1 and 1.18.35 logged the timestamp of when the useEPSS 0.4%CVE-2021-22929—An information disclosure exists in Brave Browser Desktop prior to version 1.28.62, where logged warning messages that included timestamps oEPSS 0.4%CVE-2023-2809HIGHUse of Cleartext credentials in Sage 200 SpainEPSS 0.4%CVE-2022-2805MEDIUMA flaw was found in ovirt-engine, which leads to the logging of plaintext passwords in the log file when using otapi-style. This flaw allowsEPSS 0.4%CVE-2023-30531MEDIUMJenkins Consul KV Builder Plugin 2.0.13 and earlier does not mask the HashiCorp Consul ACL Token on the global configuration form, increasinEPSS 0.4%CVE-2023-30528MEDIUMJenkins WSO2 Oauth Plugin 1.0 and earlier does not mask the WSO2 Oauth client secret on the global configuration form, increasing the potentEPSS 0.4%CVE-2022-34339MEDIUM"IBM Cognos Analytics 11.2.1, 11.2.0, 11.1.7 stores user credentials in plain clear text which can be read by an authenticated user. IBM X-FEPSS 0.4%CVE-2024-22084HIGHAn issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. Cleartext passwords and hashes are exposed throughEPSS 0.4%CVE-2022-45897MEDIUMOn Xerox WorkCentre 3550 25.003.03.000 devices, an authenticated attacker can view the SMB server settings and can obtain the stored clearteEPSS 0.4%CVE-2019-16638HIGHAn issue was found on the Ruijie EG-2000 series gateway. An attacker can easily dump cleartext stored passwords in /data/config.text with siEPSS 0.4%CVE-2022-3540MEDIUMAn issue has been discovered in hunter2 affecting all versions before 2.1.0. Improper handling of auto-completion input allows an authenticaEPSS 0.4%CVE-2023-51702MEDIUMApache Airflow CNCF Kubernetes provider, Apache Airflow: Kubernetes configuration file saved without encryption in the Metadata and logged as plain text in the Triggerer serviceEPSS 0.4%