Fallos del tipo CWE-523
23 resultadosCVE-2023-28708MEDIUMApache Tomcat: JSESSIONID Cookie missing secure attribute in some configurationsEPSS 1.8%CVE-2021-38460HIGHMoxa MXview Network Management SoftwareEPSS 1.7%CVE-2020-25175—GE Healthcare Imaging and Ultrasound Products may allow specific credentials to be exposed during transport over the network.EPSS 1.1%CVE-2022-31805HIGHInsecure transmission of credentialsEPSS 1.0%CVE-2024-1102MEDIUMJberet: jberet-core logging database credentialsEPSS 0.8%CVE-2017-16731—An Unprotected Transport of Credentials issue was discovered in ABB Ellipse 8.3 through Ellipse 8.9 released prior to December 2017 (includiEPSS 0.7%CVE-2023-22862MEDIUMIBM Aspera information disclosureEPSS 0.5%CVE-2023-31277HIGHPiiGAB M-Bus Unprotected Transport of CredentialsEPSS 0.5%CVE-2025-57800HIGHAudiobookshelf vulnerable to OIDC token exfiltration and account takeoverEPSS 0.4%CVE-2025-41705MEDIUMPhoenix Contact: WebSocket Message Interception Leaks Webfrontend CredentialsEPSS 0.4%CVE-2024-1509HIGHBrocade ASCG 3.2.0 web interface does not enforce HSTS, as defined by RFC 6797 for ports 8030 and 8100EPSS 0.3%CVE-2026-23635MEDIUMKiteworks Secure Data Forms has a potential Unprotected Transport of CredentialsEPSS 0.3%CVE-2025-64309HIGHBrightpick Mission Control / Internal Logic Control Unprotected Transport of CredentialsEPSS 0.3%CVE-2025-64308HIGHBrightpick Mission Control / Internal Logic Control Unprotected Transport of CredentialsEPSS 0.3%CVE-2025-61121HIGHMobile Scanner Android App version 2.12.38 (package name com.glority.everlens), developed by Glority Global Group Ltd., contains a credentiaEPSS 0.3%CVE-2021-32003HIGHConfiguration service port remains open 10 minutes after reboot even when already provisionedEPSS 0.2%CVE-2024-20395MEDIUMA vulnerability in the media retrieval functionality of Cisco Webex App could allow an unauthenticated, adjacent attacker to gain access to EPSS 0.2%CVE-2026-8673MEDIUMPassword re-initialization mechanism sends passwords in plain textEPSS 0.2%CVE-2026-8668LOWHardcoded credentials in embedded contentEPSS 0.2%CVE-2025-66029HIGHOpen OnDemand affected by Apache proxy passing sensitive headersEPSS 0.2%