Vulnerabilities > Credentials Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-29 | CVE-2019-11064 | Credentials Management vulnerability in multiple products A vulnerability of remote credential disclosure was discovered in Advan VD-1 firmware versions up to 230. | 5.0 |
| 2019-08-20 | CVE-2019-10960 | Credentials Management vulnerability in Zebra products Zebra Industrial Printers All Versions, Zebra printers are shipped with unrestricted end-user access to front panel options. | 5.0 |
| 2019-08-06 | CVE-2016-10791 | Credentials Management vulnerability in Cpanel cPanel before 60.0.15 does not ensure that system accounts lack a valid password, so that logins are impossible (CPANEL-9559). | 5.0 |
| 2019-08-05 | CVE-2017-18470 | Credentials Management vulnerability in Cpanel cPanel before 62.0.4 has a fixed password for the Munin MySQL test account (SEC-196). | 4.0 |
| 2019-08-01 | CVE-2016-10821 | Credentials Management vulnerability in Cpanel In cPanel before 55.9999.141, Scripts/addpop reveals a command-line password in a process list (SEC-75). | 4.0 |
| 2019-07-30 | CVE-2019-5456 | Credentials Management vulnerability in UI Unifi Controller and Unifi Network Controller SMTP MITM refers to a malicious actor setting up an SMTP proxy server between the UniFi Controller version <= 5.10.21 and their actual SMTP server to record their SMTP credentials for malicious use later. | 8.1 |
| 2019-07-19 | CVE-2019-1010241 | Credentials Management vulnerability in Jenkins Credentials Binding 1.17 Jenkins Credentials Binding Plugin Jenkins 1.17 is affected by: CWE-257: Storing Passwords in a Recoverable Format. | 4.0 |
| 2019-07-11 | CVE-2019-13560 | Credentials Management vulnerability in Dlink Dir-655 Firmware 3.02B05 D-Link DIR-655 C devices before 3.02B05 BETA03 allow remote attackers to force a blank password via the apply_sec.cgi setup_wizard parameter. | 5.0 |
| 2019-07-03 | CVE-2017-8229 | Credentials Management vulnerability in Amcrest Ipm-721S Firmware Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices allow an unauthenticated attacker to download the administrative credentials. | 5.0 |
| 2019-07-03 | CVE-2017-9326 | Credentials Management vulnerability in Cloudera Manager 5.11.0 The keystore password for the Spark History Server may be exposed in unsecured files under the /var/run/cloudera-scm-agent directory managed by Cloudera Manager. | 3.5 |