Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-24 | CVE-2018-9279 | Insufficiently Protected Credentials vulnerability in Eaton 9PX UPS Firmware An issue was discovered on Eaton UPS 9PX 8000 SP devices. | 4.9 |
| 2018-10-18 | CVE-2018-11079 | Insufficiently Protected Credentials vulnerability in EMC Secure Remote Services Dell EMC Secure Remote Services, versions prior to 3.32.00.08, contains a Plaintext Password Storage vulnerability. | 7.8 |
| 2018-10-18 | CVE-2018-12383 | Insufficiently Protected Credentials vulnerability in multiple products If a user saved passwords before Firefox 58 and then later set a master password, an unencrypted copy of these passwords is still accessible. | 5.5 |
| 2018-10-17 | CVE-2018-10824 | Insufficiently Protected Credentials vulnerability in Dlink products An issue was discovered on D-Link DWR-116 through 1.06, DIR-140L through 1.02, DIR-640L through 1.02, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02, DWR-921 through 2.02, and DWR-111 through 1.01 devices. | 9.8 |
| 2018-10-12 | CVE-2018-17900 | Insufficiently Protected Credentials vulnerability in Yokogawa products Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The web application improperly protects credentials which could allow an attacker to obtain credentials for remote access to controllers. | 9.8 |
| 2018-10-12 | CVE-2017-1231 | Insufficiently Protected Credentials vulnerability in IBM Bigfix Platform IBM BigFix Platform 9.5 - 9.5.9 stores user credentials in plain in clear text which can be read by a local user. | 7.8 |
| 2018-10-10 | CVE-2018-13789 | Insufficiently Protected Credentials vulnerability in Descor Infocad FM An issue was discovered in Descor Infocad FM before 3.1.0.0. | 7.5 |
| 2018-10-09 | CVE-2018-18074 | Insufficiently Protected Credentials vulnerability in multiple products The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network. | 7.5 |
| 2018-10-09 | CVE-2018-14081 | Insufficiently Protected Credentials vulnerability in D-Link products An issue was discovered on D-Link DIR-809 A1 through 1.09, A2 through 1.11, and Guest Zone through 1.09 devices. | 9.8 |
| 2018-10-04 | CVE-2018-17871 | Insufficiently Protected Credentials vulnerability in Verint Verba Collaboration Compliance and Quality Management Platform Verba Collaboration Compliance and Quality Management Platform before 9.2.1.5545 has Incorrect Access Control. | 6.5 |