Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-05 | CVE-2022-24978 | Insufficiently Protected Credentials vulnerability in Zohocorp Manageengine Adaudit Plus Zoho ManageEngine ADAudit Plus before 7055 allows authenticated Privilege Escalation on Integrated products. | 8.8 |
| 2022-04-05 | CVE-2022-28651 | Insufficiently Protected Credentials vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2021.3.3 it was possible to get passwords from protected fields | 5.5 |
| 2022-04-05 | CVE-2021-45892 | Insufficiently Protected Credentials vulnerability in Zauner ARC 4.2.0.4 An issue was discovered in Softwarebuero Zauner ARC 4.2.0.4. | 5.9 |
| 2022-04-04 | CVE-2021-32978 | Insufficiently Protected Credentials vulnerability in Automationdirect products The programming protocol allows for a previously entered password and lock state to be read by an attacker. | 7.5 |
| 2022-04-04 | CVE-2022-1026 | Insufficiently Protected Credentials vulnerability in Kyocera NET Viewer 2S01000.005.0012S52000.002.505 Kyocera multifunction printers running vulnerable versions of Net View unintentionally expose sensitive user information, including usernames and passwords, through an insufficiently protected address book export function. | 8.6 |
| 2022-04-01 | CVE-2021-33024 | Insufficiently Protected Credentials vulnerability in Philips products Philips Vue PACS versions 12.2.x.x and prior transmits or stores authentication credentials, but it uses an insecure method susceptible to unauthorized interception and/or retrieval. | 7.5 |
| 2022-03-30 | CVE-2022-26948 | Insufficiently Protected Credentials vulnerability in RSA Archer The Archer RSS feed integration for Archer 6.x through 6.9 SP1 (6.9.1.0) is affected by an insecure credential storage vulnerability. | 7.5 |
| 2022-03-29 | CVE-2022-28135 | Insufficiently Protected Credentials vulnerability in Jenkins Instant-Messaging Jenkins instant-messaging Plugin 1.41 and earlier stores passwords for group chats unencrypted in the global configuration file of plugins based on Jenkins instant-messaging Plugin on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system. | 6.5 |
| 2022-03-29 | CVE-2022-28141 | Insufficiently Protected Credentials vulnerability in Jenkins Proxmox Jenkins Proxmox Plugin 0.5.0 and earlier stores the Proxmox Datacenter password unencrypted in the global config.xml file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system. | 6.5 |
| 2022-03-28 | CVE-2022-0738 | Insufficiently Protected Credentials vulnerability in Gitlab An issue has been discovered in GitLab affecting all versions starting from 14.6 before 14.6.5, all versions starting from 14.7 before 14.7.4, all versions starting from 14.8 before 14.8.2. | 7.5 |