Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-522

CWE-522

Insufficiently Protected Credentials

Parent: CWE-1390 - Weak Authentication

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

1,359 vulnerabilities with CWE-522

CVE-2024-5657 LOW

born05 Two-Factor Authentication 3.3.1-3.3.3 - Password Hash Disclosure via TOTP Submission

CVE-2024-36127 HIGH

apko < 0.14.5 - Insufficiently Protected Credentials via Log Output

CVE-2024-5176 CRITICAL

Welch Allyn Config Tool <1.9.4.1 - RCE

CVE-2024-33849 MEDIUM

CI-Out-of-Office Manager <6.0.0.77 - Info Disclosure

CVE-2024-35192 MEDIUM

Trivy < 0.51.2 - Credential Leakage via Malicious Container Registry

CVE-2024-36081 CRITICAL

Westermo EDW-100 through 2024-05-03 - Unauthenticated Plaintext Password Exposure in Configuration File

CVE-2024-23583 MEDIUM

HCL BigFix Platform 9.5-9.5.24 - Insufficiently Protected Credentials via Task Manager

CVE-2024-27109 HIGH

GE HealthCare EchoPAC - Info Disclosure

CVE-2024-33497 MEDIUM

SIMATIC RTLS Locating Manager -<V3.0.1.1 - Info Disclosure

CVE-2024-33496 MEDIUM

SIMATIC RTLS Locating Manager -<V3.0.1.1 - Info Disclosure

CVE-2024-22345 MEDIUM

IBM TXSeries for Multiplatforms 8.2 - Info Disclosure

CVE-2024-28971 LOW

Dell Update Manager Plugin <1.5.0 - Info Disclosure

CVE-2024-22266 MEDIUM

VMware Avi Load Balancer - Info Disclosure

CVE-2024-23551 MEDIUM

Database Scanning - Info Disclosure

CVE-2024-4536 MEDIUM

Eclipse EDC Connector 0.2.1-0.6.2 - OAuth2 Client Secret Exposure via Data Sink Configuration

CVE-2024-29941 HIGH

ICT MIFARE/DESFire - Info Disclosure

CVE-2024-3543 MEDIUM

Reversible Password Encryption - Info Disclosure

CVE-2024-34147 MEDIUM

Jenkins Telegram Bot Plugin <1.4.0 - Info Disclosure

CVE-2024-28961 MEDIUM

Dell OpenManage Enterprise 4.0.0 and 4.0.1 - Insufficiently Protected Credentials

CVE-2024-28325 MEDIUM

Asus RT-N12+ B1 - Plaintext Storage of a Password

CVE-2024-32238 CRITICAL

H3C ER8300G2-X - Insufficiently Protected Credentials via Management System Page

CVE-2024-29992 MEDIUM

Azure Identity Library for .NET - Info Disclosure

CVE-2024-20282 MEDIUM

Cisco Nexus Dashboard - Privilege Escalation

CVE-2024-29216 MEDIUM

cg6kwin2k.sys <2.1.7.0 - Privilege Escalation

CVE-2024-29071 HIGH

HGW BL1500HM <002.001.013 - Info Disclosure

Previous Page 13 of 55 Next

Details

Vulnerabilities 1,359

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy