Weaknesses of type CWE-522
555 resultsCVE-2022-29089MEDIUMDell Networking OS10, versions prior to October 2021 with Smart Fabric Services enabled, contains an information disclosure vulnerability. AEPSS 0.5%CVE-2023-32280MEDIUMInsufficiently protected credentials in some Intel(R) Server Product OpenBMC firmware before versions egs-1.05 may allow an unauthenticated EPSS 0.5%CVE-2023-1574MEDIUMInformation disclosure in the user creation feature of a MSSQL data source in Devolutions Remote Desktop Manager 2023.1.9 and below on WindoEPSS 0.5%CVE-2024-5176CRITICALVulnerability in Welch Allyn Configuration Tool SoftwareEPSS 0.5%CVE-2023-29168LOWPTC Vuforia Studio Insufficiently Protected CredentialsEPSS 0.5%CVE-2026-23958HIGHDataEase Vulnerable to Brute-Force Attack on Admin JWT Secret Derived from Password that Enables Full Account TakeoverEPSS 0.5%CVE-2023-31187MEDIUMAvaya IX Workforce Engagement - CWE-522: Insufficiently Protected CredentialsEPSS 0.5%CVE-2026-23742HIGHSkipper arbitrary code execution through lua filtersEPSS 0.5%CVE-2026-32633CRITICALGlances's Browser API Exposes Reusable Downstream Credentials via `/api/4/serverslist`EPSS 0.5%CVE-2022-41564MEDIUMTIBCO Operational Intelligence Hawk Redtail Credential Exposure VulnerabilityEPSS 0.5%CVE-2024-46480HIGHAn NTLM hash leak in Venki Supravizio BPM up to 18.0.1 allows authenticated attackers with Application Administrator access to escalate privEPSS 0.5%CVE-2025-34139HIGHSitecore XM/XP/XC and Managed Cloud 8.0 - 10.4 Arbitrary File ReadEPSS 0.5%CVE-2023-23463MEDIUM Sunell DVR – Insufficiently Protected CredentialsEPSS 0.5%CVE-2022-4926MEDIUMInsufficient policy enforcement in Intents in Google Chrome on Android prior to 109.0.5414.119 allowed a remote attacker to bypass same origEPSS 0.5%CVE-2023-3251MEDIUMPass-back vulnerability in NessusEPSS 0.5%CVE-2023-25532MEDIUMNVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause insufficient protection of credentials. A successful exploEPSS 0.5%CVE-2026-27167NONEGradio: Mocked OAuth Login Exposes Server Credentials and Uses Hardcoded Session SecretEPSS 0.5%CVE-2025-52549CRITICALPredictable root linux password generationEPSS 0.5%CVE-2019-17082CRITICALInsufficiently Protected Credentials vulnerability in OpenText™ AccuRev allows Authentication Bypass. When installed on a Linux or Solaris sEPSS 0.4%CVE-2022-46155HIGHAirtable.js credentials exposed in browser buildsEPSS 0.4%