Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-14 | CVE-2024-39818 | Insufficiently Protected Credentials vulnerability in Zoom products Protection mechanism failure for some Zoom Workplace Apps and SDKs may allow an authenticated user to conduct information disclosure via network access. | 6.5 |
| 2024-08-12 | CVE-2024-36460 | Insufficiently Protected Credentials vulnerability in Zabbix The front-end audit log allows viewing of unprotected plaintext passwords, where the passwords are displayed in plain text. | 8.1 |
| 2024-08-05 | CVE-2024-6118 | Insufficiently Protected Credentials vulnerability in Hamastar Meetinghub Paperless Meetings 2021 A Plaintext Storage of a Password vulnerability in ebooknote function in Hamastar MeetingHub Paperless Meetings 2021 allows remote attackers to obtain the other users’ credentials and gain access to the product via an XML file. | 9.1 |
| 2024-07-31 | CVE-2024-3082 | Insufficiently Protected Credentials vulnerability in Proges Sensor NET Connect Firmware V2 2.24 A “CWE-256: Plaintext Storage of a Password” affecting the administrative account allows an attacker with physical access to the machine to retrieve the password in cleartext unless specific security measures at other layers (e.g., full-disk encryption) have been enabled. | 4.6 |
| 2024-07-01 | CVE-2024-39878 | Insufficiently Protected Credentials vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.03.3 private key could be exposed via testing GitHub App Connection | 5.3 |
| 2024-07-01 | CVE-2024-39879 | Insufficiently Protected Credentials vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2024.03.3 application token could be exposed in EC2 Cloud Profile settings | 5.3 |
| 2024-06-18 | CVE-2024-38505 | Insufficiently Protected Credentials vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2024.2.34646 user access token was sent to the third-party site | 7.5 |
| 2024-06-13 | CVE-2024-25052 | Insufficiently Protected Credentials vulnerability in IBM Jazz Reporting Service 7.0.3 IBM Jazz Reporting Service 7.0.3 stores user credentials in plain clear text which can be read by an admin user. | 4.4 |
| 2024-06-11 | CVE-2024-35208 | Insufficiently Protected Credentials vulnerability in Siemens Sinec Traffic Analyzer 1.1 A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). | 5.5 |
| 2024-06-10 | CVE-2024-37051 | Insufficiently Protected Credentials vulnerability in Jetbrains products GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 EAP2; DataGrip 2023.1.3, 2023.2.4, 2023.3.5, 2024.1.4; DataSpell 2023.1.6, 2023.2.7, 2023.3.6, 2024.1.2, 2024.2 EAP1; GoLand 2023.1.6, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; MPS 2023.2.1, 2023.3.1, 2024.1 EAP2; PhpStorm 2023.1.6, 2023.2.6, 2023.3.7, 2024.1.3, 2024.2 EAP3; PyCharm 2023.1.6, 2023.2.7, 2023.3.6, 2024.1.3, 2024.2 EAP2; Rider 2023.1.7, 2023.2.5, 2023.3.6, 2024.1.3; RubyMine 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP4; RustRover 2024.1.1; WebStorm 2023.1.6, 2023.2.7, 2023.3.7, 2024.1.4 | 7.5 |