Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-20 | CVE-2020-9425 | Insufficiently Protected Credentials vulnerability in Rconfig An issue was discovered in includes/head.inc.php in rConfig before 3.9.4. | 5.0 |
| 2020-03-20 | CVE-2019-18785 | Insufficiently Protected Credentials vulnerability in Suitecrm SuiteCRM 7.10.x prior to 7.10.21 and 7.11.x prior to 7.11.9 mishandles API access tokens and credentials. | 5.0 |
| 2020-03-19 | CVE-2019-15656 | Insufficiently Protected Credentials vulnerability in Dlink Dsl-2875Al Firmware and Dsl-2877Al Firmware D-Link DSL-2875AL and DSL-2877AL devices through 1.00.05 are prone to information disclosure via a simple crafted request to index.asp on the web management server because of username_v and password_v variables. | 7.5 |
| 2020-03-19 | CVE-2019-15655 | Insufficiently Protected Credentials vulnerability in Dlink Dsl-2875Al Firmware 1.00.05 D-Link DSL-2875AL devices through 1.00.05 are prone to password disclosure via a simple crafted /romfile.cfg request to the web management server. | 7.5 |
| 2020-03-19 | CVE-2019-15653 | Insufficiently Protected Credentials vulnerability in Comba Ap2600-I - A02 - 0202N00Pd2 Firmware Comba AP2600-I devices through A02,0202N00PD2 are prone to password disclosure via an insecure authentication mechanism. | 5.0 |
| 2020-03-18 | CVE-2019-10682 | Insufficiently Protected Credentials vulnerability in Django-Nopassword Project Django-Nopassword django-nopassword before 5.0.0 stores cleartext secrets in the database. | 5.0 |
| 2020-03-18 | CVE-2020-9324 | Insufficiently Protected Credentials vulnerability in Aquaforest Tiff Server 4.0 Aquaforest TIFF Server 4.0 allows Unauthenticated SMB Hash Capture via UNC. | 5.0 |
| 2020-03-16 | CVE-2019-19135 | Insufficiently Protected Credentials vulnerability in Opcfoundation Netstandard.Opc.Ua and Ua-.Netstandard In OPC Foundation OPC UA .NET Standard codebase 1.4.357.28, servers do not create sufficiently random numbers in OPCFoundation.NetStandard.Opc.Ua before 1.4.359.31, which allows man in the middle attackers to reuse encrypted user credentials sent over the network. | 5.8 |
| 2020-03-12 | CVE-2019-5648 | Insufficiently Protected Credentials vulnerability in Barracuda Load Balancer ADC Firmware Authenticated, administrative access to a Barracuda Load Balancer ADC running unpatched firmware <= v6.4 allows one to edit the LDAP service configuration of the balancer and change the LDAP server to an attacker-controlled system, without having to re-enter LDAP credentials. | 5.5 |
| 2020-03-11 | CVE-2019-9104 | Insufficiently Protected Credentials vulnerability in Moxa products An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. | 5.0 |