Vulnerabilities > Credentials Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-17 | CVE-2017-9385 | Credentials Management vulnerability in Getvera Veraedge Firmware and Veralite Firmware An issue was discovered on Vera Veralite 1.7.481 devices. | 9.8 |
| 2019-06-14 | CVE-2019-4381 | Credentials Management vulnerability in IBM I 7.2/7.3 IBM i 7.27.3 Clustering could allow a local attacker to obtain sensitive information, caused by the use of advanced node failure detection using the REST API to interface with the HMC. | 5.5 |
| 2019-06-10 | CVE-2017-13717 | Credentials Management vulnerability in Starry S00111 Firmware Starry Station (aka Starry Router) sets the Access-Control-Allow-Origin header to "*". | 8.8 |
| 2019-05-13 | CVE-2019-7690 | Credentials Management vulnerability in Mobatek Mobaxterm 11.1 In MobaTek MobaXterm Personal Edition v11.1 Build 3860, the SSH private key and its password can be retrieved from process memory for the lifetime of the process, even after the user disconnects from the remote SSH server. | 9.8 |
| 2019-04-22 | CVE-2015-1320 | Credentials Management vulnerability in Canonical Metal AS a Service 1.9.0/1.9.1 The SeaMicro provisioning of Ubuntu MAAS logs credentials, including username and password, for the management interface. | 9.8 |
| 2019-04-02 | CVE-2017-6047 | Credentials Management vulnerability in 3M Detcon Sitewatch Gateway Detcon Sitewatch Gateway, all versions without cellular, Passwords are presented in plaintext in a file that is accessible without authentication. | 9.8 |
| 2019-03-26 | CVE-2014-5433 | Credentials Management vulnerability in Baxter Sigma Spectrum Infusion System Firmware 6.05 An unauthenticated remote attacker may be able to execute commands to view wireless account credentials that are stored in cleartext on Baxter SIGMA Spectrum Infusion System version 6.05 (model 35700BAX) with wireless battery module (WBM) version 16, which may allow an attacker to gain access the host network. | 9.8 |
| 2019-01-23 | CVE-2017-17836 | Credentials Management vulnerability in Apache Airflow In Apache Airflow 1.8.2 and earlier, an experimental Airflow feature displayed authenticated cookies, as well as passwords to databases used by Airflow. | 9.8 |
| 2019-01-22 | CVE-2018-6443 | Credentials Management vulnerability in multiple products A vulnerability in Brocade Network Advisor Versions before 14.3.1 could allow an unauthenticated, remote attacker to log in to the JBoss Administration interface of an affected system using an undocumented user credentials and install additional JEE applications. | 8.1 |
| 2019-01-16 | CVE-2015-9278 | Credentials Management vulnerability in Mailenable MailEnable before 8.60 allows Privilege Escalation because admin accounts could be created as a consequence of %0A mishandling in AUTH.TAB after a password-change request. | 9.8 |