Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-522

CWE-522

Insufficiently Protected Credentials

Parent: CWE-1390 - Weak Authentication

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

1,359 vulnerabilities with CWE-522

CVE-2024-0368 HIGH

Hustle - Email Marketing - Info Disclosure

CVE-2024-28110 HIGH

cloudevents/sdk-go < 2.15.2 - Credential Leak via http.DefaultClient Modification

CVE-2024-21815 CRITICAL

Gallagher Command Centre < 8.60 - Authenticated Insufficiently Protected Credentials

CVE-2024-26133 MEDIUM

EventStoreDB <20.10.6, <21.10.11, <22.10.5, <23.10.1 - Info Disclosure

CVE-2024-23306 HIGH

F5 BIG-IP Next CNF and SPK 1.1.0-<1.2.0 - Unauthenticated Sensitive File Access

CVE-2024-22312 MEDIUM

IBM Storage Defender - Resiliency Service 2.0 - Info Disclosure

CVE-2024-24595 MEDIUM

Allegro AI's ClearML - Info Disclosure

CVE-2024-21869 MEDIUM

Rapid SCADA <5.8.4 - Info Disclosure

CVE-2024-22432 HIGH

Dell Networker < 19.9 - Plain-text Password Exposure in NMDA MySQL Database Backup Config

CVE-2023-50945 MEDIUM

IBM Common Licensing 9.0 - Info Disclosure

CVE-2023-48010 CRITICAL

STMicroelectronics SPC58 - Missing Protection Mechanism

CVE-2023-50310 MEDIUM

IBM CICS Transaction Gateway 9.2-9.3 - Insufficiently Protected Credentials

CVE-2023-49233 HIGH

Visual Planning Admin Center <8 - Privilege Escalation

CVE-2023-41926 HIGH

Webserver <unknown> - Info Disclosure

CVE-2023-42955 MEDIUM

FileMaker Server 20.3.1 - Info Disclosure

CVE-2023-40511 HIGH

LG Simple Editor - Unauthenticated Authentication Bypass via checkServer Method

CVE-2023-40510 HIGH

LG Simple Editor - Unauthenticated Authentication Bypass via getServerSetting Method

CVE-2023-37400 HIGH

IBM Aspera Faspex 5.0.0-5.0.7 - Privilege Escalation via Insecure Credential Storage

CVE-2023-41677 HIGH

Fortinet FortiProxy/FortiOS <7.4.1 - RCE

CVE-2023-50311 LOW

IBM CICS Transaction Gateway 9.2-9.3 - Sensitive Path Information Disclosure via Debugging or Error Messages

CVE-2023-50436 MEDIUM

Couchbase Server 7.1.5-7.2.3 - Insufficiently Protected Credentials in diag.log

CVE-2023-6259 HIGH

Brivo ACS100-ACS300 <6.2.4.3 - Privilege Escalation

CVE-2023-4538 MEDIUM

Comarch ERP XL <2023.2 - Info Disclosure

CVE-2023-27975 HIGH

EcoStruxure Control Expert < 16.0 and EcoStruxure Process Expert < 2023 - Unauthorized Access via Memory Tampering

CVE-2023-32280 MEDIUM

Intel OpenBMC < egs-1.05 - Unauthenticated Information Disclosure via Insufficiently Protected Credentials

Previous Page 14 of 55 Next

Details

Vulnerabilities 1,359

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy