Fallos del tipo CWE-522
558 resultadosCVE-2022-45859LOWAn insufficiently protected credentials vulnerability [CWE-522] in FortiNAC-F 7.2.0, FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.8 and beEPSS 0.1%CVE-2022-40678HIGHAn insufficiently protected credentials in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, 8.8.0 through 8.8.11,EPSS 0.1%CVE-2024-40703MEDIUMIBM Cognos Analytics information disclosureEPSS 0.1%CVE-2026-27003MEDIUMOpenClaw: Telegram bot token exposure via logsEPSS 0.1%CVE-2024-6749MEDIUMSeth Fogie, member of the AXIS Camera Station Pro Bug Bounty Program, has found that the Incident report feature may expose sensitive credenEPSS 0.1%CVE-2024-42012MEDIUMGRAU DATA Blocky before 3.1 stores passwords encrypted rather than hashed. At the login screen, the user's password is compared to the user'EPSS 0.1%CVE-2026-32606HIGHIncusOS has a LUKS encryption bypass due to insufficient TPM policyEPSS 0.1%CVE-2025-61482HIGHImproper handling of OTP/TOTP/HOTP values in NetKnights GmbH privacyIDEA Authenticator v.4.3.0 on Android allows local attackers with root aEPSS 0.1%CVE-2026-7038MEDIUMtufantunc ssh-mcp Command Line index.ts insufficiently protected credentialsEPSS 0.1%CVE-2022-29839MEDIUMRemote Backups Application Discloses Stored CredentialsEPSS 0.1%CVE-2025-62312LOWHCL AION is affected by a vulnerability where basic authorization tokens are used for authenticationEPSS 0.1%CVE-2025-3480MEDIUMMedDream WEB DICOM Viewer Cleartext Transmission of Credentials Information Disclosure VulnerabilityEPSS 0.1%CVE-2025-34062MEDIUMOneLogin AD Connector API Credential and Signing Key ExposureEPSS 0.1%CVE-2026-4387LOWUnencrypted storage of authentication state in StrongDM Desktop Application state.kv fileEPSS 0.1%CVE-2024-47588MEDIUMInformation Disclosure vulnerability in SAP NetWeaver Java (Software Update Manager)EPSS 0.1%CVE-2025-24508MEDIUMOffline Extraction of Account Connectivity Credentials (ACCs) in IT Management SuiteEPSS 0.1%CVE-2020-9250LOWThere is an insufficient authentication vulnerability in some Huawei smart phone. An unauthenticated, local attacker can crafts software pacEPSS 0.1%CVE-2025-62794LOWGitHub Workflow Updater stored the optional Github token in plaintextEPSS 0.1%CVE-2026-20435MEDIUMIn preloader, there is a possible read of device unique identifiers due to a logic error. This could lead to local information disclosure, iEPSS 0.1%CVE-2025-15621MEDIUMSparx Enterprise Architect Client does not verify the receiver of OAuth2 credentials during OpenID authenticationEPSS 0.1%