Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-522

CWE-522

Insufficiently Protected Credentials

Parent: CWE-1390 - Weak Authentication

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

1,360 vulnerabilities with CWE-522

CVE-2019-16543 MEDIUM

Jenkins Spira Importer Plugin <3.2.2 - Info Disclosure

CVE-2019-16542 MEDIUM

Jenkins Anchore Container Image Scanner Plugin <1.0.19 - Info Discl...

CVE-2019-3663 CRITICAL

McAfee Advanced Threat Defense < 4.8 - Unprotected Storage of Credentials

CVE-2019-1384 CRITICAL

Microsoft Windows - Privilege Escalation

CVE-2019-10210 HIGH

Postgresql <11.5-9.4.24 - Info Disclosure

CVE-2019-4307 MEDIUM

IBM Security Guardium Big Data Intelligence - Info Disclosure

CVE-2019-14929 CRITICAL

Mitsubishi Electric and INEA ME-RTU Firmware < 2.02 and < 3.0 - Unauthenticated Cleartext Password Exposure

CVE-2019-10476 HIGH

Jenkins Zulip Plugin < 1.1.0 - Insufficiently Protected Credentials

CVE-2019-10467 MEDIUM

Jenkins Sonar Gerrit Plugin < 2.3 - Insufficiently Protected Credentials in Job Config

CVE-2019-10461 HIGH

Jenkins Dynatrace Application Monitoring < 2.1.3 - Insufficiently Protected Credentials

CVE-2019-10460 HIGH

Jenkins Bitbucket OAuth Plugin < 0.9 - Unprotected Credential Storage in config.xml

CVE-2019-10459 MEDIUM

Jenkins Mattermost Notification Plugin < 2.7.0 - Insufficiently Protected Credentials in Global Configuration

CVE-2019-17393 CRITICAL

Tomedo Server 1.7.3 - Cleartext Transmission of Sensitive Information via HTTP

CVE-2019-11284 HIGH

Reactor Netty < 0.8.11 - Unauthenticated Credential Exposure via Redirect Header Handling

CVE-2019-17662 CRITICAL

ThinVNC 1.0b1 - Path Traversal and Arbitrary File Read via ThinVnc.ini

CVE-2019-10448 HIGH

Jenkins Extensive Testing Plugin - Insufficiently Protected Credentials in Job Config Files

CVE-2019-17356 MEDIUM

Infinite Design 3.4.12 - Cleartext Transmission of Sensitive Information via TCP

CVE-2019-17497 MEDIUM

PDF-XChange Editor < 8.0.330.0 - NTLM SSO Hash Theft via Crafted FDF/XFDF Files

CVE-2019-9533 CRITICAL

Cobham EXPLORER 710 - Info Disclosure

CVE-2019-0072 MEDIUM

Juniper Networks SBR <8.4.1R13, <8.5.0R4 - Info Disclosure

CVE-2019-10429 MEDIUM

Jenkins GitLab Logo Plugin < 1.0.3 - Insufficiently Protected Credentials

CVE-2019-10426 MEDIUM

Jenkins Gem Publisher Plugin < 1.0 - Insufficiently Protected Credentials

CVE-2019-10425 MEDIUM

Jenkins Google Calendar Plugin < 0.4 - Insufficiently Protected Credentials

CVE-2019-10424 MEDIUM

Jenkins elOyente Plugin < 1.3 - Insufficiently Protected Credentials

CVE-2019-10423 MEDIUM

Jenkins CodeScan Plugin < 0.11 - Insufficiently Protected Credentials

Previous Page 40 of 55 Next

Details

Vulnerabilities 1,360

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy