Weaknesses of type CWE-522
555 resultsCVE-2022-32518HIGHA CWE-522: Insufficiently Protected Credentials vulnerability exists that could result in unwanted access to a DCE instance when performed oEPSS 0.5%CVE-2022-40685MEDIUMInsufficiently protected credentials in the Intel(R) DCM software before version 5.0.1 may allow an authenticated user to potentially enableEPSS 0.5%CVE-2023-25740HIGHAfter downloading a Windows <code>.scf</code> script from the local filesystem, an attacker could supply a remote path that would lead to unEPSS 0.5%CVE-2025-55306CRITICALGenX_FX authentication bypass in JWT validationEPSS 0.5%CVE-2022-36077HIGHElectron subject to Exfiltration of hashed SMB credentials on Windows via file:// redirectEPSS 0.5%CVE-2025-34270MEDIUMNagios Log Server < 2024R2.0.2 AD/LDAP Import Password Not ObfuscatedEPSS 0.5%CVE-2024-22345MEDIUMIBM TXSeries for Multiplatforms information disclosureEPSS 0.5%CVE-2022-27179MEDIUMICSA-22-104-03 Red Lion DA50NEPSS 0.5%CVE-2024-34147MEDIUMJenkins Telegram Bot Plugin 1.4.0 and earlier stores the Telegram Bot token unencrypted in its global configuration file on the Jenkins contEPSS 0.5%CVE-2024-8986CRITICALInformation Leakage in grafana-plugin-sdk-goEPSS 0.5%CVE-2023-37362HIGHWeintek Weincloud Improper AuthenticationEPSS 0.5%CVE-2023-28764LOWInformation Disclosure vulnerability in SAP BusinessObjects PlatformEPSS 0.5%CVE-2023-32988MEDIUMA missing permission check in Jenkins Azure VM Agents Plugin 852.v8d35f0960a_43 and earlier allows attackers with Overall/Read permission toEPSS 0.5%CVE-2025-6526LOW70mai M300 HTTP Server insufficiently protected credentialsEPSS 0.5%CVE-2025-6519CRITICALConsistent predictable generation of the password for the default admin user "ONEDAY" to the application servicesEPSS 0.5%CVE-2025-34078HIGHNSClient++ 0.5.2.35 Local Privilege Escalation via ExternalScripts and Web InterfaceEPSS 0.5%CVE-2025-55739MEDIUMapi: Shared OAuth Signing Key Between Different InstancesEPSS 0.5%CVE-2025-64420CRITICALCoolify members can see private key of root userEPSS 0.5%CVE-2021-33589HIGHRibose RNP before 0.15.1 does not implement a required step in a cryptographic algorithm, resulting in weaker encryption than on the tin of EPSS 0.5%CVE-2023-31136LOWPostgresNIO processes unencrypted bytes from man-in-the-middleEPSS 0.5%