Vulnerabilities > Insufficiently Protected Credentials

DATE CVE VULNERABILITY TITLE RISK
2025-04-08 CVE-2025-27192 Insufficiently Protected Credentials vulnerability in Adobe Commerce
Adobe Commerce versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are affected by an Insufficiently Protected Credentials vulnerability that could lead to a security feature bypass.
network
low complexity
adobe CWE-522
2.7
2025-04-08 CVE-2025-26628 Insufficiently protected credentials in Azure Local Cluster allows an authorized attacker to disclose information locally.
local
low complexity
CWE-522
7.3
2025-03-10 CVE-2024-47109 IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.3 UI could disclosure the installation path of the server which could aid in further attacks against the system.
network
low complexity
CWE-522
5.3
2025-03-03 CVE-2024-41770 Insufficiently Protected Credentials vulnerability in IBM Engineering Requirements Management Doors Next 7.0.2/7.0.3/7.1
IBM Engineering Requirements Management DOORS Next 7.0.2, 7.0.3, and 7.1 could allow a remote attacker to download temporary files which could expose application logic or other sensitive information.
network
low complexity
ibm CWE-522
7.5
2025-03-03 CVE-2024-41771 Insufficiently Protected Credentials vulnerability in IBM Engineering Requirements Management Doors Next 7.0.2/7.0.3/7.1
IBM Engineering Requirements Management DOORS Next 7.0.2, 7.0.3, and 7.1 could allow a remote attacker to download temporary files which could expose application logic or other sensitive information.
network
low complexity
ibm CWE-522
7.5
2025-02-11 CVE-2025-26492 Insufficiently Protected Credentials vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.12.2 improper Kubernetes connection settings could expose sensitive resources
network
low complexity
jetbrains CWE-522
critical
9.1
2025-01-11 CVE-2024-42172 Insufficiently Protected Credentials vulnerability in Hcltech Dryice Myxalytics 6.3
HCL MyXalytics is affected by broken authentication.
network
low complexity
hcltech CWE-522
critical
9.8
2025-01-08 CVE-2025-21111 Insufficiently Protected Credentials vulnerability in Dell products
Dell VxRail, versions 8.0.000 through 8.0.311, contain(s) a Plaintext Storage of a Password vulnerability.
local
low complexity
dell CWE-522
4.4
2025-01-08 CVE-2025-21102 Insufficiently Protected Credentials vulnerability in Dell products
Dell VxRail, versions 7.0.000 through 7.0.532, contain(s) a Plaintext Storage of a Password vulnerability.
local
low complexity
dell CWE-522
4.4
2024-12-20 CVE-2024-56354 Insufficiently Protected Credentials vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2024.12 password field value were accessible to users with view settings permission
network
low complexity
jetbrains CWE-522
4.9