Fallos del tipo CWE-522
555 resultadosCVE-2021-28171CRITICALVangene deltaFlow E-platform - Broken AuthenticationEPSS 1.2%CVE-2021-3344—A privilege escalation flaw was found in OpenShift builder. During build time, credentials outside the build context are automatically mountEPSS 1.2%CVE-2025-26628HIGHAzure Local Cluster Information Disclosure VulnerabilityEPSS 1.2%CVE-2023-29055HIGHApache Kylin: Insufficiently protected credentials in config fileEPSS 1.1%CVE-2020-25235—A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). The password used for authentication for thEPSS 1.1%CVE-2022-46967CRITICALAn access control issue in Revenue Collection System v1.0 allows unauthenticated attackers to view the contents of /admin/DBbackup/ directorEPSS 1.1%CVE-2019-13421—Search Guard versions before 23.1 had an issue that an administrative user is able to retrieve bcrypt password hashes of other users configuEPSS 1.1%CVE-2019-5648HIGHLDAP Credential Exposure in Barracuda Load Balancer ADCEPSS 1.1%CVE-2024-40710HIGHA series of related high-severity vulnerabilities, the most notable enabling remote code execution (RCE) as the service account and extractiEPSS 1.1%CVE-2021-27491—Ypsomed mylife Cloud, mylife Mobile Application:Ypsomed mylife Cloud,All versions prior to 1.7.2,Ypsomed mylife App,All versions prior to 1.EPSS 1.1%CVE-1999-0013HIGHStolen credentials from SSH clients via ssh-agent program, allowing other local users to access remote accounts belonging to the ssh-agent uEPSS 1.1%CVE-2021-1232MEDIUMCisco SD-WAN vManage Information Disclosure VulnerabilityEPSS 1.1%CVE-2021-28813CRITICALInsufficiently Protected Credentials Vulnerability in QSW-M2116P-2T2S and QuNetSwitchEPSS 1.1%CVE-2016-9593MEDIUMforeman-debug before version 1.15.0 is vulnerable to a flaw in foreman-debug's logging. An attacker with access to the foreman log file woulEPSS 1.0%CVE-2021-20997HIGHWAGO: Managed Switches: Unauthorized access to password hashesEPSS 1.0%CVE-2017-13998—An Insufficiently Protected Credentials issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The application does not sufficientEPSS 1.0%CVE-2025-4679MEDIUMA vulnerability in Synology Active Backup for Microsoft 365 allows remote authenticated attackers to obtain sensitive information via unspecEPSS 1.0%CVE-2020-5406—PCF Autoscaling logs its database credentialsEPSS 1.0%CVE-2020-7030MEDIUMIPO Information DisclosureEPSS 1.0%CVE-2022-29833MEDIUMInsufficiently Protected Credentials vulnerability in Mitsubishi Electric Corporation GX Works3 versions 1.015R and later allows a remote unEPSS 1.0%