Total
1275 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-6242 | 1 Kentico | 1 Xperience | 2025-12-19 | N/A |
| Kentico v10.0.42 allows Global Administrators to read the cleartext SMTP Password by navigating to the SMTP configuration page. NOTE: the vendor considers this a best-practice violation but not a vulnerability. The vendor plans to fix it at a future time | ||||
| CVE-2025-26628 | 1 Microsoft | 2 Azure, Azure Local | 2025-12-19 | 7.3 High |
| Insufficiently protected credentials in Azure Local Cluster allows an authorized attacker to disclose information locally. | ||||
| CVE-2025-14148 | 1 Ibm | 2 Devops Deploy, Ucd Ibm Devops Deploy | 2025-12-18 | 6.5 Medium |
| IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.3 could allow an authenticated user with LLM integration configuration privileges to recover a previously saved LLM API Token. | ||||
| CVE-2025-48709 | 1 Bmc | 2 Control-m, Control-m\/server | 2025-12-18 | 3.8 Low |
| BMC Control-M/Server 9.0.21.300 displays cleartext database credentials in process lists and logs. An authenticated attacker with shell access could observe these credentials and use them to log in to the database server. For example, when Control-M/Server on Windows has a database connection on, it runs 'DBUStatus.exe' frequently, which then calls 'dbu_connection_details.vbs' with the username, password, database hostname, and port written in cleartext, which can be seen in event and process logs in two separate locations. Fixed in PACTV.9.0.21.307. | ||||
| CVE-2025-66029 | 1 Osc | 1 Open Ondemand | 2025-12-18 | 7.6 High |
| Open OnDemand provides remote web access to supercomputers. In versions 4.0.8 and prior, the Apache proxy allows sensitive headers to be passed to origin servers. This means malicious users can create an origin server on a compute node that record these headers when unsuspecting users connect to it. Maintainers anticipate a patch in a 4.1 release. Workarounds exist for 4.0.x versions. Using `custom_location_directives` in `ood_portal.yml` in version 4.0.x (not available for versions below 4.0) centers can unset and or edit these headers. Note that `OIDCPassClaimsAs both` is the default and centers can set `OIDCPassClaimsAs ` to `none` or `environment` to stop passing these headers to the client. Centers that have an OIDC provider with the `OIDCPassClaimsAs` with `none` or `environment` settings can adjust the settings using guidance provided in GHSA-2cwp-8g29-9q32 to unset the mod_auth_openidc_session cookies. | ||||
| CVE-2025-58130 | 1 Apache | 1 Fineract | 2025-12-18 | 9.1 Critical |
| Insufficiently Protected Credentials vulnerability in Apache Fineract. This issue affects Apache Fineract: through 1.11.0. The issue is fixed in version 1.12.1. Users are encouraged to upgrade to version 1.13.0, the latest release. | ||||
| CVE-2020-36896 | 2 Howfor, Qihang Media | 2 Qihang Media Web Digital Signage, Web Digital Signage | 2025-12-17 | 7.5 High |
| QiHang Media Web Digital Signage 3.0.9 contains a cleartext credentials vulnerability that allows unauthenticated attackers to access administrative login information through an unprotected XML file. Attackers can retrieve hardcoded admin credentials by requesting the '/xml/User/User.xml' file, enabling direct authentication bypass. | ||||
| CVE-2025-0890 | 1 Zyxel | 28 Sbg3300-n000, Sbg3300-n000 Firmware, Sbg3300-nb00 and 25 more | 2025-12-15 | 9.8 Critical |
| **UNSUPPORTED WHEN ASSIGNED** Insecure default credentials for the Telnet function in the legacy DSL CPE Zyxel VMG4325-B10A firmware version 1.00(AAFR.4)C0_20170615 could allow an attacker to log in to the management interface if the administrators have the option to change the default credentials but fail to do so. | ||||
| CVE-2025-63361 | 1 Waveshare | 3 Rs232/485 To Wifi Eth B, Rs232\/485 To Wifi Eth \(b\), Rs232\/485 To Wifi Eth \(b\) Firmware | 2025-12-15 | 5.7 Medium |
| Waveshare RS232/485 TO WIFI ETH (B) Serial to Ethernet/Wi-Fi Gateway Firmware V3.1.1.0: HW 4.3.2.1: Webpage V7.04T.07.002880.0301 was discovered to render the Administrator password in plaintext. | ||||
| CVE-2025-64898 | 1 Adobe | 1 Coldfusion | 2025-12-12 | 4.3 Medium |
| ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Insufficiently Protected Credentials vulnerability that could result in limited unauthorized write access. An attacker could leverage this vulnerability to gain unauthorized access by exploiting improperly stored or transmitted credentials. Exploitation of this issue does not require user interaction. | ||||
| CVE-2025-6571 | 2 Axis, Axis Communications Ab | 2 Axis Os, Axis Os | 2025-12-11 | 6 Medium |
| A 3rd-party component exposed its password in process arguments, allowing for low-privileged users to access it. | ||||
| CVE-2024-28110 | 2 Cloudevents, Redhat | 4 Go Sdk, Sdk Go, Openshift and 1 more | 2025-12-04 | 7.5 High |
| Go SDK for CloudEvents is the official CloudEvents SDK to integrate applications with CloudEvents. Prior to version 2.15.2, using cloudevents.WithRoundTripper to create a cloudevents.Client with an authenticated http.RoundTripper causes the go-sdk to leak credentials to arbitrary endpoints. When the transport is populated with an authenticated transport, then http.DefaultClient is modified with the authenticated transport and will start to send Authorization tokens to any endpoint it is used to contact. Version 2.15.2 patches this issue. | ||||
| CVE-2025-13758 | 1 Devolutions | 1 Devolutions Server | 2025-12-03 | 3.5 Low |
| Exposure of credentials in unintended requests in Devolutions Server.This issue affects Server: through 2025.2.20, through 2025.3.8. | ||||
| CVE-2025-34078 | 1 Nsclient | 1 Nsclient\+\+ | 2025-11-29 | 7.8 High |
| A local privilege escalation vulnerability exists in NSClient++ 0.5.2.35 when both the web interface and ExternalScripts features are enabled. The configuration file (nsclient.ini) stores the administrative password in plaintext and is readable by local users. By extracting this password, an attacker can authenticate to the NSClient++ web interface (typically accessible on port 8443) and abuse the ExternalScripts plugin to inject and execute arbitrary commands as SYSTEM by registering a custom script, saving the configuration, and triggering it via the API. This behavior is documented but insecure, as the plaintext credential exposure undermines access isolation between local users and administrative functions. | ||||
| CVE-2025-36096 | 1 Ibm | 2 Aix, Vios | 2025-11-19 | 9 Critical |
| IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 stores NIM private keys used in NIM environments in an insecure way which is susceptible to unauthorized access by an attacker using man in the middle techniques. | ||||
| CVE-2025-34139 | 1 Sitecore | 4 Experience Commerce, Experience Manager, Experience Platform and 1 more | 2025-11-19 | N/A |
| A vulnerability exists in Sitecore Experience Manager (XM), Experience Platform (XP), Experience Commerce (XC), and Managed Cloud that could allow an unauthenticated attacker to read arbitrary files. This vulnerability affects all Experience Platform topologies (XM, XP, XC) from 8.0 Initial Release through 10.4 Initial Release and later. This issue affects Content Management (CM) and standalone instances. PaaS and containerized solutions are also affected. | ||||
| CVE-2025-13163 | 1 Digiwin | 1 Easyflow Gp | 2025-11-18 | 4.9 Medium |
| EasyFlow GP developed by Digiwin has an Insufficiently Protected Credentials vulnerability, allowing privileged remote attackers to obtain plaintext database account credentials from the system frontend. | ||||
| CVE-2025-13164 | 1 Digiwin | 1 Easyflow Gp | 2025-11-18 | 4.9 Medium |
| EasyFlow GP developed by Digiwin has an Insufficiently Protected Credentials vulnerability, allowing privileged remote attackers to obtain plaintext credentials of AD and system mail from the system frontend. | ||||
| CVE-2025-34207 | 1 Vasion | 2 Virtual Appliance Application, Virtual Appliance Host | 2025-11-17 | 9.8 Critical |
| Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to 22.0.1049 and Application prior to 20.0.2786 (VA and SaaS deployments) configure the SSH client within Docker instances with the following options: `UserKnownHostsFile=/dev/null`, `StrictHostKeyChecking=no`, and `ForwardAgent yes`. These settings disable verification of the remote host’s SSH key and automatically forward the developer’s SSH‑agent to any host that matches the configured wildcard patterns. As a result, an attacker who can reach a single compromised container can cause the container to connect to a malicious SSH server, capture the forwarded private keys, and use those keys for unrestricted lateral movement across the environment. This vulnerability has been identified by the vendor as: V-2024-027 — Insecure Secure Shell (SSH) Configuration. | ||||
| CVE-2025-34196 | 2 Microsoft, Vasion | 4 Windows, Print Application, Virtual Appliance Application and 1 more | 2025-11-17 | 9.8 Critical |
| Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 25.1.102 and Application prior to 25.1.1413 (Windows client deployments) contain a hardcoded private key for the PrinterLogic Certificate Authority (CA) and a hardcoded password in product configuration files. The Windows client ships the CA certificate and its associated private key (and other sensitive settings such as a configured password) directly in shipped configuration files (for example clientsettings.dat and defaults.ini). An attacker who obtains these files can impersonate the CA, sign arbitrary certificates trusted by the Windows client, intercept or decrypt TLS-protected communications, and otherwise perform man-in-the-middle or impersonation attacks against the product's network communications. This vulnerability has been identified by the vendor as: V-2022-001 — Configuration File Contains CA & Private Key. | ||||