CVE & Exploit Intelligence Database


Search and track vulnerabilities with real-time exploit intelligence. Cross-reference CVEs against public exploits from ExploitDB, Metasploit, GitHub, and Nuclei — with CVSS and EPSS scoring, CISA KEV monitoring, and AI-powered exploit analysis.

338,223 CVEs tracked; 53,271 with exploits; 4,730 exploited in the wild; 1,542 in CISA KEV; 3,929 Nuclei templates; 37,826 vendors; 42,547 researchers
1,290 results
CVE-2025-0498 9.8 CRITICAL EPSS 0.00
Rockwell Automation FactoryTalk <V15.00.001 - Info Disclosure
A data exposure vulnerability exists in all versions prior to V15.00.001 of Rockwell Automation FactoryTalk® AssetCentre. The vulnerability exists due to insecure storage of FactoryTalk® Security user tokens, which could allow a threat actor to steal a token and impersonate another user.
CWE-522 Jan 30, 2025
CVE-2025-0497 9.8 CRITICAL EPSS 0.00
Rockwell Automation FactoryTalk <V15.00.001 - Info Disclosure
A data exposure vulnerability exists in all versions prior to V15.00.001 of Rockwell Automation FactoryTalk® AssetCentre. The vulnerability exists due to storing credentials in the configuration file of EventLogAttachmentExtractor, ArchiveExtractor, LogCleanUp, or ArchiveLogCleanUp packages.
CWE-522 Jan 30, 2025
CVE-2025-0477 9.8 CRITICAL EPSS 0.01
Rockwell Automation FactoryTalk <V15.00.001 - Info Disclosure
An encryption vulnerability exists in all versions prior to V15.00.001 of Rockwell Automation FactoryTalk® AssetCentre. The vulnerability exists due to a weak encryption methodology and could allow a threat actor to extract passwords belonging to other users of the application.
CWE-522 Jan 30, 2025
CVE-2024-57395 9.8 CRITICAL 1 Writeup EPSS 0.03
Safety production process management system 1.0 - Privilege Escalation
Password Vulnerability in Safety production process management system v1.0 allows a remote attacker to escalate privileges, execute arbitrary code and obtain sensitive information via the password and account number parameters.
CWE-522 Jan 29, 2025
CVE-2024-23733 7.5 HIGH 2 PoCs Analysis EPSS 0.18
Software AG webMethods <10.15.0 - Info Disclosure
The /WmAdmin/,/invoke/vm.server/login login page in the Integration Server in Software AG webMethods 10.15.0 before Core_Fix7 allows remote attackers to reach the administration panel and discover hostname and version information by sending an arbitrary username and a blank password to the /WmAdmin/#/login/ URI.
CWE-522 Jan 29, 2025
CVE-2023-50945 6.2 MEDIUM EPSS 0.00
IBM Common Licensing 9.0 - Info Disclosure
IBM Common Licensing 9.0 stores user credentials in plain clear text which can be read by a local user.
CWE-522 Jan 26, 2025
CVE-2025-0619 4.9 MEDIUM EPSS 0.00
M-Files Server <25.1 - Privilege Escalation
Unsafe password recovery from configuration in M-Files Server before 25.1 allows a highly privileged user to recover external connector passwords.
CWE-522 Jan 23, 2025
CVE-2024-42012 5.7 MEDIUM EPSS 0.00
GRAU DATA Blocky <3.1 - Info Disclosure
GRAU DATA Blocky before 3.1 stores passwords encrypted rather than hashed. At the login screen, the user's password is compared to the user's decrypted cleartext password. An attacker with Windows admin or debugging rights can therefore steal the user's Blocky password and from there impersonate that local user.
CWE-522 Jan 22, 2025
CVE-2025-23040 6.6 MEDIUM 1 PoC Analysis EPSS 0.01
GitHub Desktop - Info Disclosure
GitHub Desktop is an open-source Electron-based GitHub app designed for git development. An attacker convincing a user to clone a repository directly or through a submodule can allow the attacker access to the user's credentials through the use of maliciously crafted remote URL. GitHub Desktop relies on Git to perform all network related operations (such as cloning, fetching, and pushing). When a user attempts to clone a repository GitHub Desktop will invoke `git clone` and when Git encounters a remote which requires authentication it will request the credentials for that remote host from GitHub Desktop using the git-credential protocol. Using a maliciously crafted URL it's possible to cause the credential request coming from Git to be misinterpreted by Github Desktop such that it will send credentials for a different host than the host that Git is currently communicating with thereby allowing for secret exfiltration. GitHub username and OAuth token, or credentials for other Git remote hosts stored in GitHub Desktop could be improperly transmitted to an unrelated host. Users should update to GitHub Desktop 3.4.12 or greater which fixes this vulnerability. Users who suspect they may be affected should revoke any relevant credentials.
CWE-522 Jan 15, 2025
CVE-2024-46480 8.4 HIGH 1 Writeup EPSS 0.00
Venki Supravizio Bpm < 18.0.1 - Insufficiently Protected Credentials
An NTLM hash leak in Venki Supravizio BPM up to 18.0.1 allows authenticated attackers with Application Administrator access to escalate privileges on the underlying host system.
CWE-522 Jan 13, 2025
CVE-2024-42172 5.3 MEDIUM EPSS 0.00
Hcltech Dryice Myxalytics - Authentication Bypass
HCL MyXalytics is affected by broken authentication. It allows attackers to compromise keys, passwords, and session tokens, potentially leading to identity theft and system control. This vulnerability arises from poor configuration, logic errors, or software bugs and can affect any application with access control, including databases, network infrastructure, and web applications.
CWE-522 Jan 11, 2025
CVE-2025-21111 7.5 HIGH EPSS 0.00
Dell VxRail <8.0.312 - Info Disclosure
Dell VxRail, versions 8.0.000 through 8.0.311, contains a Plaintext Storage of a Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to information exposure.
CWE-522 Jan 08, 2025
CVE-2025-21102 7.5 HIGH EPSS 0.00
Dell VxRail <7.0.532 - Info Disclosure
Dell VxRail, versions 7.0.000 through 7.0.532, contains a Plaintext Storage of a Password vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to information exposure.
CWE-522 Jan 08, 2025
CVE-2024-56354 5.5 MEDIUM EPSS 0.00
Jetbrains Teamcity < 2024.12 - Insufficiently Protected Credentials
In JetBrains TeamCity before 2024.12, password field values were accessible to users with the view settings permission.
CWE-522 Dec 20, 2024
CVE-2020-9250 3.3 LOW EPSS 0.00
Huawei Mate 20 Pro Firmware - Authentication Bypass
There is an insufficient authentication vulnerability in some Huawei smart phones. An unauthenticated, local attacker can craft a software package to exploit this vulnerability. Due to insufficient verification, successful exploitation may impact the service. (Vulnerability ID: HWPSIRT-2019-12302) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9250.
CWE-522 Dec 20, 2024
CVE-2022-33954 4.6 MEDIUM EPSS 0.00
IBM Robotic Process Automation <21.0.4 - Info Disclosure
IBM Robotic Process Automation 21.0.1, 21.0.2, and 21.0.3 could allow a user with physical access to the system to obtain sensitive information due to insufficiently protected credentials.
CWE-522 Dec 19, 2024
CVE-2024-49817 4.4 MEDIUM EPSS 0.00
IBM Security Guardium Key Lifecycle Manager <4.2.1 - Info Disclosure
IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 stores user credentials in configuration files which can be read by a local privileged user.
CWE-260 Dec 17, 2024
CVE-2024-54471 5.5 MEDIUM EPSS 0.00
Apple Macos < 13.7.1 - Insufficiently Protected Credentials
This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sonoma 14.7.1, macOS Ventura 13.7.1. A malicious application may be able to leak a user's credentials.
CWE-522 Dec 12, 2024
CVE-2024-53292 7.2 HIGH EPSS 0.00
Dell VxVerify <x.40.405 - Info Disclosure
Dell VxVerify, versions prior to x.40.405, contain a Plain-text Password Storage Vulnerability in the shell wrapper. A local high privileged attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable component with privileges of the compromised account.
CWE-522 Dec 11, 2024
CVE-2024-46341 8.0 HIGH EPSS 0.00
Tp-link Tl-wr845n Firmware - Insufficiently Protected Credentials
TP-Link TL-WR845N(UN)_V4_190219 was discovered to transmit credentials in base64 encoded form, which can be easily decoded by an attacker executing a man-in-the-middle attack.
CWE-522 Dec 10, 2024