Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-522

CWE-522

Insufficiently Protected Credentials

Parent: CWE-1390 - Weak Authentication

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

1,363 vulnerabilities with CWE-522

CVE-2018-1498 MEDIUM

IBM Security Guardium EcoSystem 10.5 - Info Disclosure

CVE-2018-17613 CRITICAL

Telegram Desktop <1.3.16 - Info Disclosure

CVE-2018-16669 CRITICAL

CIRCONTROL OCPP <1.5.0 - Info Disclosure

CVE-2018-10814 HIGH

Synametrics SynaMan 4.0 build 1488 - Insufficiently Protected SMTP Credentials

CVE-2018-16987 HIGH

Squash TM <1.18.0 - Info Disclosure

CVE-2018-13822 HIGH

Broadcom Project Portfolio Management < 14.3 - Insufficiently Protected Credentials

CVE-2018-1139 HIGH

Samba <4.7.9, 4.8.4 - Info Disclosure

CVE-2018-10622 MEDIUM

Medtronic MyCareLink Patient Monitor - Info Disclosure

CVE-2018-11050 HIGH

Dell EMC NetWorker 9.0-9.1.1.8, 9.2.1.3, 18.1.0.1 - Cleartext Transmission of Sensitive Information in RabbitMQ AMQP

CVE-2018-5543 HIGH

F5 BIG-IP Controller <1.5.0 - Info Disclosure

CVE-2018-8851 CRITICAL

Echelon SmartServer <4.11.007 - Info Disclosure

CVE-2018-1000404 HIGH

Jenkins AWS CodeBuild Plugin <0.27 - Credentials Disclosure

CVE-2018-1000403 HIGH

Jenkins AWS CodeDeploy Plugin <1.19 - Credentials Disclosure

CVE-2018-1000401 HIGH

Jenkins AWS CodePipeline Plugin <0.36 - Credentials Disclosure

CVE-2018-11639 HIGH

Dialogic PowerMedia XMS < 3.5 - Plaintext Password Exposure in Login Cookie

CVE-2018-11634 HIGH

Dialogic PowerMedia XMS < 3.5 SU2 - Plaintext Password Storage in Administrative Console

CVE-2018-7782 HIGH

Schneider Electric Pelco Sarix Professional <3.29.69 - Info Disclosure

CVE-2018-11746 HIGH

Puppet Discovery < 1.2.0 - Insufficiently Protected Credentials via WinRM Basic Auth Fallback

CVE-2018-13014 HIGH

SafenSoft Enterprise Suite < 4.4.2 - Insufficiently Protected Credentials in Settings Database

CVE-2018-1000610 HIGH

Jenkins Configuration as Code Plugin <0.7-alpha - Info Disclosure

CVE-2018-1000608 HIGH

Jenkins z/OS Connector Plugin <1.2.6.1 - Info Disclosure

CVE-2018-12260 MEDIUM

Momentum Axel 720P <5.1.8 - Info Disclosure

CVE-2018-1075 MEDIUM

ovirt-engine < 4.2.3 - Unfiltered Password Exposure in Manual Database Provisioning

CVE-2018-4190 HIGH

Safari < 11.1.1 - Credential Exposure via CSS Mask-Image Fetch

CVE-2018-0335 HIGH

Cisco Prime Collaboration Provisioning - Unauthenticated Sensitive Data Exposure via World-Readable Log File

Previous Page 49 of 55 Next

Details

Vulnerabilities 1,363

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy