Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-522

CWE-522

Insufficiently Protected Credentials

Parent: CWE-1390 - Weak Authentication

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

1,358 vulnerabilities with CWE-522

CVE-2025-27650 CRITICAL

Vasion Print < 20.0.2014 and Virtual Appliance < 22.0.862 - Insufficiently Protected Credentials

CVE-2025-27648 CRITICAL

Vasion Print < 20.0.2253 and Virtual Appliance < 22.0.913 - Cross Tenant Password Exposure

CVE-2025-25570 CRITICAL

Vue Vben Admin - Default Credentials

CVE-2025-0760 LOW

Product <Version> - Info Disclosure

CVE-2025-0867 CRITICAL

SICK MEAC300 < 4.0.54.21 - Privilege Escalation via Stored Administrator Credentials

CVE-2025-26492 HIGH

JetBrains TeamCity < 2024.12.2 - Insufficiently Protected Kubernetes Credentials

CVE-2025-0890 CRITICAL

Zyxel Legacy DSL CPE Firmware - Insecure Default Telnet Credentials

CVE-2025-0498 CRITICAL

Rockwell Automation FactoryTalk <V15.00.001 - Info Disclosure

CVE-2025-0497 CRITICAL

Rockwell Automation FactoryTalk <V15.00.001 - Info Disclosure

CVE-2025-0477 CRITICAL

Rockwell Automation FactoryTalk <V15.00.001 - Info Disclosure

CVE-2025-0619 MEDIUM

M-Files Server <25.1 - Privilege Escalation

CVE-2025-23040 MEDIUM

GitHub Desktop < 3.4.12 - Credential Leak via Malicious Remote URL

CVE-2025-21111 HIGH

Dell VxRail <8.0.312 - Info Disclosure

CVE-2025-21102 HIGH

Dell VxRail <7.0.532 - Info Disclosure

CVE-2024-47271 MEDIUM

Synology Surveillance Station - Insufficiently Protected Credentials

CVE-2024-42192 MEDIUM

HCL Traveler for Microsoft Outlook < 3.0.14 - Credential Leakage

CVE-2024-49364 HIGH

tiny-secp256k1 < 1.1.7 - Private Key Extraction via Malicious JSON-Stringifiable Object

CVE-2024-51984 MEDIUM

Brother ADS Series - Credential Disclosure via External Service Reconfiguration

CVE-2024-47081 MEDIUM

Requests < 2.32.4 - Credential Leak via Malicious URL Parsing

CVE-2024-47109 MEDIUM

IBM Sterling File Gateway <6.2.0.3 - Info Disclosure

CVE-2024-12799 CRITICAL

OpenText Identity Manager <4.8.7.0102, 4.9.0.0 - Privilege Escalation

CVE-2024-41771 HIGH

IBM Engineering Requirements Management DOORS Next 7.0.2, 7.0.3, and 7.1 - Insufficiently Protected Credentials

CVE-2024-41770 HIGH

IBM Engineering Requirements Management DOORS Next 7.0.2, 7.0.3, 7.1 - Insufficiently Protected Credentials

CVE-2024-44754 MEDIUM

Minut M2 Firmware #15142 - Unauthenticated Cryptographic Key Extraction via USB

CVE-2024-38291 HIGH

XIQ-SE <24.2.11 - Privilege Escalation

Previous Page 9 of 55 Next

Details

Vulnerabilities 1,358

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy