Falhas do tipo CWE-522
555 resultadosCVE-2025-54863CRITICALInsufficiently Protected Credentials in Radiometrics VizAirEPSS 0.6%CVE-2024-47805HIGHJenkins Credentials Plugin 1380.va_435002fa_924 and earlier, except 1371.1373.v4eb_fa_b_7161e9, does not redact encrypted values of credentiEPSS 0.6%CVE-2023-24498HIGHNetgear ProSAFE 24 Port 10/100 FS726TP - CWE-522: Insufficiently Protected Credentials.EPSS 0.6%CVE-2020-27258—In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, an information disclosure vulnerability in the communication protocol EPSS 0.6%CVE-2024-12511HIGHSMB/FTP Address Book Scan Pass-back attackEPSS 0.6%CVE-2023-25760HIGHIncorrect Access Control in Tripleplay Platform releases prior to Caveman 3.4.0 allows authenticated user to modify other users passwords viEPSS 0.6%CVE-2023-24506HIGHMilesight NCR/Camera CWE-522: Insufficiently Protected CredentialsEPSS 0.6%CVE-2023-33000HIGHJenkins NS-ND Integration Performance Publisher Plugin 4.8.0.149 and earlier does not mask credentials displayed on the configuration form, EPSS 0.6%CVE-2024-36081CRITICALWestermo EDW-100 devices through 2024-05-03 allow an unauthenticated user to download a configuration file containing a cleartext password. EPSS 0.6%CVE-2023-25495MEDIUMA valid, authenticated administrative user can query a web interface API to reveal the configured LDAP client password used by XCC to authenEPSS 0.6%CVE-2021-42023—A vulnerability has been identified in ModelSim Simulation (All versions), Questa Simulation (All versions). The RSA white-box implementatioEPSS 0.6%CVE-2024-39818HIGHZoom Workplace Apps and SDKs - Protection Mechanism FailureEPSS 0.6%CVE-2014-0755—Rockwell RSLogix 5000 Insufficiently Protected CredentialsEPSS 0.6%CVE-2022-37193HIGHChipolo ONE Bluetooth tracker (2020) Chipolo iOS app version 4.13.0 is vulnerable to Incorrect Access Control. Chipolo devices suffer from aEPSS 0.5%CVE-2022-42445MEDIUMHCL Launch is vulnerable to Insufficiently Protected LDAP Search Credentials (CVE-2022-42445)EPSS 0.5%CVE-2025-32963MEDIUMMinio Operator uses Kubernetes apiserver audience for AssumeRoleWithWebIdentity STSEPSS 0.5%CVE-2022-43460HIGHDriver Distributor v2.2.3.1 and earlier contains a vulnerability where passwords are stored in a recoverable format. If an attacker obtains EPSS 0.5%CVE-2022-43969CRITICALRicoh mp_c4504ex devices with firmware 1.06 mishandle credentials.EPSS 0.5%CVE-2023-40173HIGHUnsalted passwords in fobybus/social-media-skeletonEPSS 0.5%CVE-2022-32520HIGHA CWE-522: Insufficiently Protected Credentials vulnerability exists that could result in unwanted access to a DCE instance when performed oEPSS 0.5%