Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-18 | CVE-2022-38469 | Insufficiently Protected Credentials vulnerability in GE Proficy Historian An unauthorized user with network access and the decryption key could decrypt sensitive data, such as usernames and passwords. | 7.5 |
| 2023-01-17 | CVE-2022-23538 | Insufficiently Protected Credentials vulnerability in Sylabs Singularity Container Services Library github.com/sylabs/scs-library-client is the Go client for the Singularity Container Services (SCS) Container Library Service. | 7.6 |
| 2023-01-17 | CVE-2022-41859 | Insufficiently Protected Credentials vulnerability in Freeradius In freeradius, the EAP-PWD function compute_password_element() leaks information about the password which allows an attacker to substantially reduce the size of an offline dictionary attack. | 7.5 |
| 2023-01-13 | CVE-2021-36204 | Insufficiently Protected Credentials vulnerability in Johnsoncontrols products Under some circumstances an Insufficiently Protected Credentials vulnerability in Johnson Controls Metasys ADS/ADX/OAS 10 versions prior to 10.1.6 and 11 versions prior to 11.0.3 allows API calls to expose credentials in plain text. | 7.5 |
| 2023-01-07 | CVE-2016-15014 | Insufficiently Protected Credentials vulnerability in Cesnet Theme-Cesnet A vulnerability has been found in CESNET theme-cesnet up to 1.x on ownCloud and classified as problematic. | 5.5 |
| 2023-01-03 | CVE-2022-2967 | Insufficiently Protected Credentials vulnerability in Prosysopc UA Modbus Server and UA Simulation Server Prosys OPC UA Simulation Server version prior to v5.3.0-64 and UA Modbus Server versions 1.4.18-5 and prior do not sufficiently protect credentials, which could allow an attacker to obtain user credentials and gain access to system data. | 7.5 |
| 2022-12-22 | CVE-2022-22458 | Insufficiently Protected Credentials vulnerability in IBM Security Verify Governance 10.0.1 IBM Security Verify Governance, Identity Manager 10.0.1 stores user credentials in plain clear text which can be read by a remote authenticated user. | 6.5 |
| 2022-12-19 | CVE-2022-4612 | Insufficiently Protected Credentials vulnerability in Clickstudios Passwordstate A vulnerability has been found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome and classified as problematic. | 6.5 |
| 2022-12-12 | CVE-2022-4312 | Insufficiently Protected Credentials vulnerability in Arcinformatique Pcvue 12.0.26/15/15.2.2 A cleartext storage of sensitive information vulnerability exists in PcVue versions 8.10 through 15.2.3. | 5.5 |
| 2022-12-09 | CVE-2022-29839 | Insufficiently Protected Credentials vulnerability in Westerndigital MY Cloud OS Insufficiently Protected Credentials vulnerability in the remote backups application on Western Digital My Cloud devices that could allow an attacker who has gained access to a relevant endpoint to use that information to access protected data. | 5.5 |