Vulnerabilities > Insufficiently Protected Credentials
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-25 | CVE-2023-46651 | Insufficiently Protected Credentials vulnerability in Jenkins Warnings Jenkins Warnings Plugin 10.5.0 and earlier does not set the appropriate context for credentials lookup, allowing attackers with Item/Configure permission to access and capture credentials they are not entitled to. | 6.5 |
| 2023-10-20 | CVE-2023-46115 | Insufficiently Protected Credentials vulnerability in Tauri Tauri is a framework for building binaries for all major desktop platforms. | 5.5 |
| 2023-10-18 | CVE-2023-5552 | Insufficiently Protected Credentials vulnerability in Sophos Firewall 19.0.1/19.5.3 A password disclosure vulnerability in the Secure PDF eXchange (SPX) feature allows attackers with full email access to decrypt PDFs in Sophos Firewall version 19.5 MR3 (19.5.3) and older, if the password type is set to “Specified by sender”. | 7.5 |
| 2023-10-17 | CVE-2023-27132 | Insufficiently Protected Credentials vulnerability in Tsplus Remote Work 16.0.0.0 TSplus Remote Work 16.0.0.0 places a cleartext password on the "var pass" line of the HTML source code for the secure single sign-on web portal. | 9.8 |
| 2023-10-17 | CVE-2023-43777 | Insufficiently Protected Credentials vulnerability in Eaton Easysoft Eaton easySoft software is used to program easy controllers and displays for configuring, programming and defining parameters for all the intelligent relays. | 6.5 |
| 2023-10-12 | CVE-2023-27315 | Insufficiently Protected Credentials vulnerability in Netapp Snapgathers SnapGathers versions prior to 4.9 are susceptible to a vulnerability which could allow a local authenticated attacker to discover plaintext domain user credentials | 5.5 |
| 2023-10-11 | CVE-2022-44757 | Insufficiently Protected Credentials vulnerability in Hcltech Bigfix Insights for vulnerability Remediation 2.0/2.0.2 BigFix Insights for Vulnerability Remediation (IVR) uses weak cryptography that can lead to credential exposure. | 8.2 |
| 2023-10-11 | CVE-2022-44758 | Insufficiently Protected Credentials vulnerability in Hcltech Bigfix Insights for vulnerability Remediation 2.0/2.0.2 BigFix Insights/IVR fixlet uses improper credential handling within certain fixlet content. | 5.3 |
| 2023-10-11 | CVE-2022-42451 | Insufficiently Protected Credentials vulnerability in Hcltech Bigfix Patch Management 1054 Certain credentials within the BigFix Patch Management Download Plug-ins are stored insecurely and could be exposed to a local privileged user. | 4.4 |
| 2023-10-06 | CVE-2023-23370 | Insufficiently Protected Credentials vulnerability in Qnap Qvpn 2.1.0 An insufficiently protected credentials vulnerability has been reported to affect QVPN Device Client. | 4.4 |