Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-17 | CVE-2019-0120 | Insufficiently Protected Credentials vulnerability in Intel products Insufficient key protection vulnerability in silicon reference firmware for Intel(R) Pentium(R) Processor J Series, Intel(R) Pentium(R) Processor N Series, Intel(R) Celeron(R) J Series, Intel(R) Celeron(R) N Series, Intel(R) Atom(R) Processor A Series, Intel(R) Atom(R) Processor E3900 Series, Intel(R) Pentium(R) Processor Silver Series may allow a privileged user to potentially enable denial of service via local access. | 4.4 |
| 2019-05-16 | CVE-2019-0881 | Insufficiently Protected Credentials vulnerability in Microsoft products An elevation of privilege vulnerability exists when the Windows Kernel improperly handles key enumeration, aka 'Windows Kernel Elevation of Privilege Vulnerability'. | 7.8 |
| 2019-05-13 | CVE-2019-8350 | Insufficiently Protected Credentials vulnerability in Simple Better Banking 2.45.0/2.45.2/2.45.3 The Simple - Better Banking application 2.45.0 through 2.45.3 (fixed in 2.46.0) for Android was affected by an information disclosure vulnerability that leaked the user's password to the keyboard autocomplete functionality. | 6.8 |
| 2019-05-12 | CVE-2019-11885 | Insufficiently Protected Credentials vulnerability in Eye-Disk Eyedisk eyeDisk implements the unlock feature by sending a cleartext password. | 6.8 |
| 2019-05-09 | CVE-2019-11820 | Insufficiently Protected Credentials vulnerability in Synology Calendar Information exposure through process environment vulnerability in Synology Calendar before 2.3.3-0620 allows local users to obtain credentials via cmdline. | 5.5 |
| 2019-04-30 | CVE-2019-10318 | Insufficiently Protected Credentials vulnerability in Jenkins Azure AD Jenkins Azure AD Plugin 0.3.3 and earlier stored the client secret unencrypted in the global config.xml configuration file on the Jenkins master where it could be viewed by users with access to the master file system. | 8.8 |
| 2019-04-30 | CVE-2019-10316 | Insufficiently Protected Credentials vulnerability in Jenkins Aqua Microscanner Jenkins Aqua MicroScanner Plugin 1.0.5 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system. | 8.8 |
| 2019-04-30 | CVE-2019-10313 | Insufficiently Protected Credentials vulnerability in Jenkins Twitter Jenkins Twitter Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. | 8.8 |
| 2019-04-24 | CVE-2019-10239 | Insufficiently Protected Credentials vulnerability in Robotronic Runasspc 3.7.0.0 Robotronic RunAsSpc 3.7.0.0 protects stored credentials insufficiently, which allows locally authenticated attackers (under the same user context) to obtain cleartext credentials of the stored account. | 7.8 |
| 2019-04-22 | CVE-2019-11402 | Insufficiently Protected Credentials vulnerability in Gradle Enterprise In Gradle Enterprise before 2018.5.3, Build Cache Nodes did not store the credentials at rest in an encrypted format. | 9.8 |