Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-14 | CVE-2023-20965 | Insufficiently Protected Credentials vulnerability in Google Android 13.0 In processMessageImpl of ClientModeImpl.java, there is a possible credential disclosure in the TOFU flow due to a logic error in the code. | 9.8 |
| 2023-08-03 | CVE-2023-36082 | Insufficiently Protected Credentials vulnerability in Gatesair Flexiva FAX 150W Firmware An isssue in GatesAIr Flexiva FM Transmitter/Exiter Fax 150W allows a remote attacker to gain privileges via the LDAP and SMTP credentials. | 9.8 |
| 2023-07-13 | CVE-2023-34128 | Insufficiently Protected Credentials vulnerability in Sonicwall Analytics and Global Management System Tomcat application credentials are hardcoded in SonicWall GMS and Analytics configuration file. | 9.8 |
| 2023-07-12 | CVE-2023-36266 | Insufficiently Protected Credentials vulnerability in Keepersecurity Keeper and Keeperfill An issue was discovered in Keeper Password Manager for Desktop version 16.10.2, and the KeeperFill Browser Extensions version 16.5.4, allows local attackers to gain sensitive information via plaintext password storage in memory after the user is already logged in, and may persist after logout. | 5.5 |
| 2023-07-12 | CVE-2023-37951 | Insufficiently Protected Credentials vulnerability in Jenkins Mabl Jenkins mabl Plugin 0.0.46 and earlier does not set the appropriate context for credentials lookup, allowing attackers with Item/Configure permission to access and capture credentials they are not entitled to. | 6.5 |
| 2023-06-29 | CVE-2023-36476 | Insufficiently Protected Credentials vulnerability in Nixos Calamares-Nixos-Extensions calamares-nixos-extensions provides Calamares branding and modules for NixOS, a distribution of GNU/Linux. | 5.5 |
| 2023-06-27 | CVE-2020-18406 | Insufficiently Protected Credentials vulnerability in Cmseasy 7.0 An issue was discovered in cmseasy v7.0.0 that allows user credentials to be sent in clear text due to no encryption of form data. | 7.5 |
| 2023-06-27 | CVE-2023-28857 | Insufficiently Protected Credentials vulnerability in Apereo Central Authentication Service Apereo CAS is an open source multilingual single sign-on solution for the web. | 7.5 |
| 2023-06-16 | CVE-2023-35789 | Insufficiently Protected Credentials vulnerability in Rabbitmq-C Project Rabbitmq-C An issue was discovered in the C AMQP client library (aka rabbitmq-c) through 0.13.0 for RabbitMQ. | 5.5 |
| 2023-06-13 | CVE-2022-47376 | Insufficiently Protected Credentials vulnerability in BD Alaris Infusion Central The Alaris Infusion Central software, versions 1.1 to 1.3.2, may contain a recoverable password after the installation. | 7.3 |