Weaknesses of type CWE-522
555 resultsCVE-2018-16153HIGHAn issue was discovered in Apereo Opencast 4.x through 10.x before 10.6. It sends system digest credentials during authentication attempts tEPSS 0.8%CVE-2021-27495—Ypsomed mylife Cloud, mylife Mobile Application:Ypsomed mylife Cloud,All versions prior to 1.7.2,Ypsomed mylife App,All versions prior to 1.EPSS 0.8%CVE-2025-25650CRITICALAn issue in the storage of NFC card data in Dorset DG 201 Digital Lock H5_433WBSK_v2.2_220605 allows attackers to produce cloned NFC cards tEPSS 0.8%CVE-2024-0368HIGHHustle <= 7.8.3 - Sensitive Information Exposure via Exposed Hubspot API KeysEPSS 0.8%CVE-2026-23658HIGHAzure DevOps: msazure Elevation of Privilege VulnerabilityEPSS 0.8%CVE-2023-25407HIGHAten PE8108 2.4.232 is vulnerable to Incorrect Access Control. Restricted users have read access to administrator credentials.EPSS 0.8%CVE-2022-30601CRITICALInsufficiently protected credentials for Intel(R) AMT and Intel(R) Standard Manageability may allow an unauthenticated user to potentially eEPSS 0.8%CVE-2020-36896HIGHQiHang Media Web Digital Signage 3.0.9 Cleartext Credentials DisclosureEPSS 0.8%CVE-2024-7813MEDIUMSourceCodester Prison Management System Profile Image insufficiently protected credentialsEPSS 0.8%CVE-2020-5400HIGHCloud Controller logs environment variables from app manifestsEPSS 0.8%CVE-2022-0862LOWePO password change vulnerabilityEPSS 0.7%CVE-2025-23040MEDIUMMaliciously crafted remote URLs could lead to credential leak in GitHub DesktopEPSS 0.7%CVE-2023-41677HIGHA insufficiently protected credentials in Fortinet FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13, 1.2.0 EPSS 0.7%CVE-2022-39168MEDIUMIBM Robotic Process Automation Clients are vulnerable to proxy credentials being exposed in upgrade logs. IBM X-Force ID: 235422.EPSS 0.7%CVE-2020-8259—Insufficient protection of the server-side encryption keys in Nextcloud Server 19.0.1 allowed an attacker to replace the encryption keys.EPSS 0.7%CVE-2022-41575HIGHA credential-exposure vulnerability in the support-bundle mechanism in Gradle Enterprise 2022.3 through 2022.3.3 allows remote attackers to EPSS 0.7%CVE-2022-1666MEDIUMSecheron SEPCOS Control and Protection RelayEPSS 0.7%CVE-2021-41297HIGHECOA BAS controller - Insufficiently Protected Credentials-1EPSS 0.7%CVE-2020-15791MEDIUMA vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-4EPSS 0.7%CVE-2024-29992MEDIUMAzure Identity Library for .NET Information Disclosure VulnerabilityEPSS 0.7%