Weaknesses of type CWE-522
557 resultsCVE-2024-35192MEDIUMTrivy possibly leaks registry credential when scanning images from malicious registriesEPSS 0.2%CVE-2022-26856HIGHDell EMC Repository Manager version 3.4.0 contains a plain-text password storage vulnerability. A local attacker could potentially exploit tEPSS 0.2%CVE-2023-28084MEDIUMHPE OneView and HPE OneView Global Dashboard appliance dumps may expose authentication tokensEPSS 0.2%CVE-2022-30944MEDIUMInsufficiently protected credentials for Intel(R) AMT and Intel(R) Standard Manageability may allow a privileged user to potentially enable EPSS 0.2%CVE-2023-6573MEDIUMHPE OneView may have a missing passphrase during restore.EPSS 0.2%CVE-2026-6517MEDIUMMattermost Desktop App fails to restrict the allow list of domains which NTLM credentials are passedEPSS 0.2%CVE-2023-26221MEDIUMTIBCO Spotfire Insufficiently Protected Credential vulnerabilityEPSS 0.2%CVE-2026-6408LOWTanium addressed an information disclosure vulnerability in Tanium Server.EPSS 0.2%CVE-2022-29507MEDIUMInsufficiently protected credentials in the Intel(R) Team Blue mobile application in all versions may allow an authenticated user to potentiEPSS 0.2%CVE-2026-55188HIGHRustFS: ListRemoteTargetHandler authorization bypass leaks replication target credentialsEPSS 0.2%CVE-2025-22372HIGHInsecure password storage in SicommNet BASECEPSS 0.2%CVE-2022-26844HIGHInsufficiently protected credentials in the installation binaries for Intel(R) SEAPI in all versions may allow an authenticated user to poteEPSS 0.2%CVE-2024-29216MEDIUMExposed IOCTL with insufficient access control issue exists in cg6kwin2k.sys prior to 2.1.7.0. By sending a specific IOCTL request, a user wEPSS 0.2%CVE-2025-10360MEDIUMInsufficiently Protected Credentials in Puppet Enterprise 2025.4 and 2025.5EPSS 0.2%CVE-2025-6227LOWInvite token is used as part of the secure communicationEPSS 0.2%CVE-2025-53671MEDIUMJenkins Nouvola DiveCloud Plugin 1.08 and earlier does not mask DiveCloud API Keys and Credentials Encryption Keys displayed on the job confEPSS 0.2%CVE-2021-27785LOWHCL Commerce could allow a local attacker to obtain sensitive personal information (CVE-2021-27785)EPSS 0.2%CVE-2023-28088HIGHAn HPE OneView appliance dump may expose SAN switch administrative credentialsEPSS 0.2%CVE-2026-41715MEDIUMReactor Netty HTTP Client Leaks Credentials On Protocol Downgrade RedirectEPSS 0.2%CVE-2023-28090MEDIUMAn HPE OneView appliance dump may expose SNMPv3 read credentialsEPSS 0.2%