Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-22 | CVE-2019-5627 | Insufficiently Protected Credentials vulnerability in Bluecats BC Reveal The iOS mobile application BlueCats Reveal before 5.14 stores the username and password in the app cache as base64 encoded strings, i.e. | 7.8 |
| 2019-05-22 | CVE-2019-5626 | Insufficiently Protected Credentials vulnerability in Bluecats Reveal 3.0.18 The Android mobile application BlueCats Reveal before 3.0.19 stores the username and password in a clear text file. | 7.8 |
| 2019-05-22 | CVE-2019-5625 | Insufficiently Protected Credentials vulnerability in Eaton Halo Home 1.9.0 The Android mobile application Halo Home before 1.11.0 stores OAuth authentication and refresh access tokens in a clear text file. | 7.1 |
| 2019-05-22 | CVE-2019-12046 | Insufficiently Protected Credentials vulnerability in multiple products LemonLDAP::NG -2.0.3 has Incorrect Access Control. | 9.8 |
| 2019-05-17 | CVE-2019-10139 | Insufficiently Protected Credentials vulnerability in Ovirt Cockpit-Ovirt During HE deployment via cockpit-ovirt, cockpit-ovirt generates an ansible variable file `/var/lib/ovirt-hosted-engine-setup/cockpit/ansibleVarFileXXXXXX.var` which contains the admin and the appliance passwords as plain-text. | 7.8 |
| 2019-05-17 | CVE-2019-0120 | Insufficiently Protected Credentials vulnerability in Intel products Insufficient key protection vulnerability in silicon reference firmware for Intel(R) Pentium(R) Processor J Series, Intel(R) Pentium(R) Processor N Series, Intel(R) Celeron(R) J Series, Intel(R) Celeron(R) N Series, Intel(R) Atom(R) Processor A Series, Intel(R) Atom(R) Processor E3900 Series, Intel(R) Pentium(R) Processor Silver Series may allow a privileged user to potentially enable denial of service via local access. | 4.4 |
| 2019-05-16 | CVE-2019-0881 | Insufficiently Protected Credentials vulnerability in Microsoft products An elevation of privilege vulnerability exists when the Windows Kernel improperly handles key enumeration, aka 'Windows Kernel Elevation of Privilege Vulnerability'. | 7.8 |
| 2019-05-13 | CVE-2019-8350 | Insufficiently Protected Credentials vulnerability in Simple Better Banking 2.45.0/2.45.2/2.45.3 The Simple - Better Banking application 2.45.0 through 2.45.3 (fixed in 2.46.0) for Android was affected by an information disclosure vulnerability that leaked the user's password to the keyboard autocomplete functionality. | 6.8 |
| 2019-05-12 | CVE-2019-11885 | Insufficiently Protected Credentials vulnerability in Eye-Disk Eyedisk eyeDisk implements the unlock feature by sending a cleartext password. | 6.8 |
| 2019-05-09 | CVE-2019-11820 | Insufficiently Protected Credentials vulnerability in Synology Calendar Information exposure through process environment vulnerability in Synology Calendar before 2.3.3-0620 allows local users to obtain credentials via cmdline. | 5.5 |