Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-522

CWE-522

Insufficiently Protected Credentials

Parent: CWE-1390 - Weak Authentication

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

1,359 vulnerabilities with CWE-522

CVE-2023-36082 CRITICAL

GatesAIr Flexiva FM Transmitter/Exiter Fax 150W - Privilege Escalation

CVE-2023-35067 HIGH

Infodrom Software E-Invoice Approval System <v.20230701 - Info Disc...

CVE-2023-37362 HIGH

Weintek Weincloud 0.13.6 - Unauthenticated Credential Abuse via Registration Functionality

CVE-2023-31824 HIGH

DERICIA Co. Ltd, DELICIA <v.13.6.1 - Info Disclosure

CVE-2023-34128 CRITICAL

SonicWall GMS <9.3.2-SP1 & Analytics <2.5.0.4-R7 - Info Disclosure

CVE-2023-37951 MEDIUM

Jenkins mabl Plugin < 0.0.46 - Insufficiently Protected Credentials

CVE-2023-36266 MEDIUM

Keeper Password Manager <17.2 - Info Disclosure

CVE-2023-35348 MEDIUM

Windows Server 2016, 2019, and 2022 - Active Directory Federation Service Security Feature Bypass

CVE-2023-36476 HIGH

calamares-nixos-extensions <0.3.12 - Info Disclosure

CVE-2023-28857 MEDIUM

Apereo CAS 6.5.0-6.5.9.1 & 6.6.0-6.6.5 - LDAP Credential Leak via X509 CRL Distribution Points

CVE-2023-35789 MEDIUM

rabbitmq-c < 0.13.0 - Credential Exposure via Command-Line Arguments

CVE-2023-33620 MEDIUM

GL.iNET GL-AR750S-Ext <3.215 - Info Disclosure

CVE-2023-26204 LOW

FortiSIEM 5.3.0-6.7 - Plaintext Password Storage

CVE-2023-29168 LOW

Vuforia Studio < 9.9 - Insufficiently Protected Credentials via Basic Authentication

CVE-2023-27126 MEDIUM

TP-Link TAPO C200 V3 (EU) - Info Disclosure

CVE-2023-22862 MEDIUM

IBM Aspera Connect/Cargo 4.2.5 - Info Disclosure

CVE-2023-25740 HIGH

Firefox < 110.0 - NTLM Credential Leak via .scf File Download

CVE-2023-31187 MEDIUM

Avaya IX Workforce Engagement v15.2.7.1195 - Info Disclosure

CVE-2023-32687 HIGH

tgstation-server 4.7.0-5.12.0 - Insufficiently Protected Credentials via Chat Bot Connection Strings

CVE-2023-33263 HIGH

wftpd 3.25 - Insufficiently Protected Credentials in wftpd.ini

CVE-2023-2881 MEDIUM

pimcore/customer-data-framework <3.3.10 - Info Disclosure

CVE-2023-33264 MEDIUM

Hazelcast <5.0.4, <5.1.6, <5.2.3 - Info Disclosure

CVE-2023-1763 MEDIUM

Canon IJ Network Tool <4.7.5 - Info Disclosure

CVE-2023-2633 MEDIUM

Jenkins Code Dx Plugin <3.1.0 - Info Disclosure

CVE-2023-2632 MEDIUM

Jenkins Code Dx Plugin <3.1.0 - Info Disclosure

Previous Page 17 of 55 Next

Details

Vulnerabilities 1,359

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy