Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-12 | CVE-2018-15717 | Insufficiently Protected Credentials vulnerability in Opendental Open Dental before version 18.4 stores user passwords as base64 encoded MD5 hashes. | 5.3 |
| 2018-12-05 | CVE-2018-16791 | Insufficiently Protected Credentials vulnerability in Solarwinds Sftp/Scp Server 20180910 In SolarWinds SFTP/SCP Server through 2018-09-10, the configuration file is world readable and writable, and stores user passwords in an insecure manner, allowing an attacker to determine passwords for potentially privileged accounts. | 9.8 |
| 2018-12-03 | CVE-2018-19795 | Insufficiently Protected Credentials vulnerability in Chipsbank Umptool ChipsBank UMPTool saves the password to the NAND with a simple substitution cipher, which allows attackers to get full access when having physical access to the device. | 6.8 |
| 2018-11-20 | CVE-2018-16223 | Insufficiently Protected Credentials vulnerability in Qbeecam 1.0.4/1.0.5 Insecure Cryptographic Storage of credentials in com.vestiacom.qbeecamera_preferences.xml in the QBee Cam application through 1.0.5 for Android allows an attacker to retrieve the username and password. | 9.8 |
| 2018-11-20 | CVE-2018-16222 | Insufficiently Protected Credentials vulnerability in Ismartalarm Cleartext Storage of credentials in the iSmartAlarmData.xml configuration file in the iSmartAlarm application through 2.0.8 for Android allows an attacker to retrieve the username and password. | 6.8 |
| 2018-11-20 | CVE-2018-12038 | Insufficiently Protected Credentials vulnerability in Samsung 840 EVO Firmware An issue was discovered on Samsung 840 EVO devices. | 4.2 |
| 2018-11-07 | CVE-2018-19078 | Insufficiently Protected Credentials vulnerability in multiple products An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. | 9.8 |
| 2018-10-29 | CVE-2018-18754 | Insufficiently Protected Credentials vulnerability in Zyxel Vmg3312-B10B Firmware 1.00(Aapp.7) ZyXEL VMG3312-B10B 1.00(AAPP.7) devices have a backdoor root account with the tTn3+Z@!Sr0O+ password hash in the etc/default.cfg file. | 9.8 |
| 2018-10-26 | CVE-2018-18656 | Insufficiently Protected Credentials vulnerability in Purevpn The PureVPN client before 6.1.0 for Windows stores Login Credentials (username and password) in cleartext. | 7.8 |
| 2018-10-24 | CVE-2018-9280 | Insufficiently Protected Credentials vulnerability in Eaton 9PX UPS Firmware An issue was discovered on Eaton UPS 9PX 8000 SP devices. | 4.9 |