Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-522

CWE-522

Insufficiently Protected Credentials

Parent: CWE-1390 - Weak Authentication

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

1,359 vulnerabilities with CWE-522

CVE-2023-46115 HIGH

Tauri - Insufficiently Protected Credentials via Vite Configuration Misuse

CVE-2023-5552 HIGH

Sophos Firewall < 19.5.3 - Password Disclosure via Secure PDF eXchange Feature

CVE-2023-27132 CRITICAL

TSplus Remote Work 16.0.0.0 - Info Disclosure

CVE-2023-43777 MEDIUM

Eaton easySoft < 8.01 - Insufficiently Protected Credentials

CVE-2023-27315 MEDIUM

SnapGathers < 4.9 - Authenticated Plaintext Credential Exposure

CVE-2023-23370 MEDIUM

QVPN 2.1.0-2.1.0.0518 - Authenticated Credential Exposure via Local Access

CVE-2023-44158 HIGH

Acronis Cyber Protect 15 < 35979 - Sensitive Information Disclosure via Insufficient Token Masking

CVE-2023-1633 MEDIUM

OpenStack Barbican - Info Disclosure

CVE-2023-43634 HIGH

When sealing/unsealing the "vault" key - Info Disclosure

CVE-2023-43633 HIGH

lfedge/eve <8.6.0 - Unauthenticated Insufficiently Protected Credentials via GlobalConfig Override

CVE-2023-43631 HIGH

LF Edge EVE < 8.6.0 - Unauthenticated Credential Injection via Unprotected Config Partition

CVE-2023-43635 HIGH

EVE OS - PCR Locking

CVE-2023-43630 HIGH

Linux Foundation Edge Virtualization Engine 9.0.0-9.4.9 - Credentials Exposure via PCR14 Bypass

CVE-2023-25532 MEDIUM

NVIDIA DGX H100 Firmware < 23.08.18 - Insufficiently Protected Credentials in IPMI

CVE-2023-25531 HIGH

NVIDIA DGX H100 Firmware < 23.08.18 - Insufficiently Protected Credentials in IPMI

CVE-2023-41010 MEDIUM

China Telecom Tianyi Home Gateway v.TEWA-700G - Info Disclosure

CVE-2023-32338 MEDIUM

IBM Sterling Secure Proxy & External Authentication Server 6.0.3/6.1.0 - Credential Protection Bypass

CVE-2023-3251 MEDIUM

Nessus < 10.6.0 - Authenticated SMTP Credential Exposure

CVE-2023-40173 HIGH

social-media-skeleton < 1.0.5 - Insufficiently Protected Credentials via Unsalted Password Hashes

CVE-2023-31492 MEDIUM

Zoho ManageEngine ADManager Plus <7182 - Info Disclosure

CVE-2023-40347 MEDIUM

Jenkins Maven Artifact ChoiceListProvider (Nexus) Plugin < 1.14 - Insufficiently Protected Credentials

CVE-2023-40345 MEDIUM

Jenkins Delphix Plugin < 3.0.2 - Insufficiently Protected Credentials via Credentials Lookup

CVE-2023-4328 MEDIUM

Broadcom RAID Controller - Info Disclosure

CVE-2023-4327 MEDIUM

Broadcom RAID Controller - Info Disclosure

CVE-2023-20965 CRITICAL

Android - Credential Disclosure in TOFU Flow via ClientModeImpl Logic Error

Previous Page 16 of 55 Next

Details

Vulnerabilities 1,359

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy