Fallos del tipo CWE-522

555 resultados
CVE-2020-37097HIGHEdimax EW-7438RPn 1.13 - Information Disclosure (WiFi Password)EPSS 0.4%CVE-2019-10210MEDIUMPostgresql Windows installer before versions 11.5, 10.10, 9.6.15, 9.5.19, 9.4.24 is vulnerable via superuser writing password to unprotectedEPSS 0.4%CVE-2023-49233HIGHInsufficient access checks in Visual Planning Admin Center 8 before v.1 Build 240207 allow attackers in possession of a non-administrative VEPSS 0.4%CVE-2019-10981In Vijeo Citect 7.30 and 7.40, and CitectSCADA 7.30 and 7.40, a vulnerability has been identified that may allow an authenticated local userEPSS 0.4%CVE-2022-27560MEDIUMAn insufficiently protected credential vulnerability affects HCL VersionVault ExpressEPSS 0.4%CVE-2026-39462CRITICALSenseLive X3050 Insufficiently Protected CredentialsEPSS 0.4%CVE-2025-27231MEDIUMLDAP 'Bind password' field value can be leaked by a Zabbix Super AdminEPSS 0.4%CVE-2025-27192LOWAdobe Commerce | Insufficiently Protected Credentials (CWE-522)EPSS 0.4%CVE-2023-50125MEDIUMA default engineer password set on the Hozard alarm system (Alarmsysteem) v1.0 allows an attacker to bring the alarm system to a disarmed stEPSS 0.4%CVE-2024-34883MEDIUMInsufficiently protected credentials in DAV server settings in 1C-Bitrix Bitrix24 23.300.100 allow remote administrators to read proxy-serveEPSS 0.4%CVE-2025-64898MEDIUMColdFusion | Insufficiently Protected Credentials (CWE-522)EPSS 0.4%CVE-2024-49396HIGHInsufficiently Protected Credentials in Elvaco M-Bus Metering Gateway CMe3100EPSS 0.4%CVE-2024-33849MEDIUMci solution CI-Out-of-Office Manager through 6.0.0.77 uses a Hard-coded Cryptographic Key.EPSS 0.4%CVE-2025-38739HIGHDell Digital Delivery, versions prior to 5.6.1.0, contains an Insufficiently Protected Credentials vulnerability. A remote unauthenticated aEPSS 0.4%CVE-2025-0498HIGHRockwell Automation FactoryTalk® AssetCentre Data Exposure VulnerabilityEPSS 0.4%CVE-2024-39290MEDIUMInsufficiently protected credentials issue exists in AIPHONE IX SYSTEM and IXG SYSTEM. A network-adjacent unauthenticated attacker may obtaiEPSS 0.4%CVE-2025-58130CRITICALApache Fineract: Server Key not maskedEPSS 0.4%CVE-2026-1223MEDIUMBROWAN COMMUNICATIONS |PrismX MX100 AP controller - Insufficiently Protected CredentialsEPSS 0.4%CVE-2023-4538MEDIUMShared Key in Comarch ERP XLEPSS 0.4%CVE-2024-29071HIGHHGW BL1500HM Ver 002.001.013 and earlier contains a use of week credentials issue. A network-adjacent unauthenticated attacker may change thEPSS 0.4%