Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-522

CWE-522

Insufficiently Protected Credentials

Parent: CWE-1390 - Weak Authentication

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

1,358 vulnerabilities with CWE-522

CVE-2025-34078 HIGH

NSClient++ <0.5.2.35 - Privilege Escalation

CVE-2025-34062 MEDIUM

OneLogin AD Connector <6.1.5 - Info Disclosure

CVE-2025-6081 MEDIUM

Konica Minolta bizhub 227 <GCQ-Y3 - Info Disclosure

CVE-2025-6526 LOW

70mai M300 <20250611 - Info Disclosure

CVE-2025-35941 MEDIUM

mySCADA myPRO 1.3-1.4 - Local Password Disclosure

CVE-2025-30183 HIGH

CyberData 011209 Intercom - Info Disclosure

CVE-2025-33079 MEDIUM

IBM Controller <11.1.0 - Info Disclosure

CVE-2025-3480 MEDIUM

MedDream WEB DICOM Viewer - Unauthenticated Cleartext Transmission of Credentials

CVE-2025-3079 HIGH

Office/Small Office Multifunction Printers/Laser Printers - Info Di...

CVE-2025-3078 HIGH

Production Printers - Info Disclosure

CVE-2025-4679 MEDIUM

Synology Active Backup for Microsoft 365 - Info Disclosure

CVE-2025-33093 HIGH

IBM Sterling Partner Engagement Manager <6.2.2 - Info Disclosure

CVE-2025-46820 HIGH

phpgt/Dom < 4.1.8 - Exposure of Sensitive Information via GitHub Token in Workflow Artifact

CVE-2025-2772 MEDIUM

BEC Technologies Router Firmware - Unauthenticated Insufficiently Protected Credentials via User Management Page

CVE-2025-32963 MEDIUM

MinIO Operator < 7.1.0 - Insufficiently Protected Credentials via Unscoped STS Token Audience

CVE-2025-28228 HIGH

Electrolink FM/DAB/TV Transmitter - Credentials Disclosure

CVE-2025-22372 HIGH

SicommNet BASEC <14 Dec 2021 - Info Disclosure

CVE-2025-27192 LOW

Adobe Commerce <2.4.8-beta2 - Insufficiently Protected Credentials

CVE-2025-26628 HIGH

Azure Local Cluster < 2411.2 - Authenticated Information Disclosure via Insufficiently Protected Credentials

CVE-2025-2908 HIGH

Fermax MeetMe < 2024-09 - Unauthenticated Credential Exposure via Call Forwarding Configuration

CVE-2025-2311 CRITICAL

SecHard <3.3.0.20220411 - Privilege Escalation

CVE-2025-25650 CRITICAL

Dorset DG 201 Digital Lock H5_433WBSK_v2.2_220605 - Info Disclosure

CVE-2025-2277 HIGH

Devolutions Server < 2025.1.3.0 - Password Exposure in Web-Based SSH Authentication

CVE-2025-27926 MEDIUM

Nintex Automation 5.6-5.7 - Insufficiently Protected Credentials in K2 SmartForms Designer Configuration

CVE-2025-1886 HIGH

Sage 200 Spain <2025.35.000 - Info Disclosure

Previous Page 8 of 55 Next

Details

Vulnerabilities 1,358

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy