Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

CWE-260 (配置文件中存储口令) — Vulnerability Class 23

23 vulnerabilities classified as CWE-260 (配置文件中存储口令). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPaused
CVE-2019-25465 Hisilicon HiIpcam V100R003 Information Disclosure via Directory Traversal — HiIpcam 7.5 High2026-03-11
CVE-2025-15151 TaleLin Lin-CMS Tests Folder config.py password in configuration file — Lin-CMS 3.7 Low2025-12-28
CVE-2023-53770 MiniDVBLinux 5.4 Unauthenticated Configuration Download via Backup Endpoint — MiniDVBLinux(TM) Distribution (MLD) 9.1AICriticalAI2025-12-09
CVE-2023-53739 Tinycontrol LAN Controller v3 LK3 1.58a Unauthenticated Configuration Backup Disclosure — Tinycontrol LAN Controller v 9.1AICriticalAI2025-12-09
CVE-2025-33119 IBM QRadar SIEM Information Disclosure — QRadar Security Information and Event Management 6.5 Medium2025-11-12
CVE-2025-36002 IBM Sterling B2B Integrator information disclosure — Sterling B2B Integrator 5.5 Medium2025-10-16
CVE-2025-36100 IBM MQ information disclosure — MQ 5.1 Medium2025-09-07
CVE-2025-57754 eslint-ban-moment exposed a sensitive Supabase URI in .env (Credential leak) — eslint-ban-moment 9.8 Critical2025-08-21
CVE-2025-6513 BRAIN2 Configuration file for database access not sufficiently secured — BRAIN2 9.3 Critical2025-06-23
CVE-2025-25022 IBM QRadar Suite Software and IBM Cloud Pak for Security information disclosure — QRadar Suite Software 9.6 Critical2025-06-03
CVE-2025-33093 IBM Sterling Partner Engagement Manager information disclosure — Sterling Partner Engagement Manager 7.5 High2025-05-07
CVE-2025-32111 acme.sh 安全漏洞 — acme.sh 8.7 High2025-04-04
CVE-2024-45673 IBM Security Verify Bridge information disclosure — Security Verify Bridge Directory Sync 5.5 Medium2025-02-21
CVE-2024-49817 IBM Security Guardium Key Lifecycle Manager information disclosure — Security Guardium Key Lifecycle Manager 4.4 Medium2024-12-17
CVE-2023-34128 SonicWALL Analytics和GMS 安全漏洞 — GMS 9.8 -2023-07-13
CVE-2023-2790 TOTOLINK N200RE Telnet Service custom.conf password in configuration file — N200RE 2.3 Low2023-05-18
CVE-2021-35033 多款Zyxel产品授权问题漏洞 — NBG6818 series firmware 7.8 High2021-11-23
CVE-2020-5721 MikroTik WinBox 安全漏洞 — MikroTik WinBox 7.1 -2020-04-15
CVE-2016-7043 KIE Server和Busitess Central 信任管理问题漏洞 — kie-server 9.8 -2019-05-15
CVE-2019-3780 Cloud Foundry Container Runtime Leaks IAAS Credentials — Cloud Foundry Container Runtime (CFCR) 8.8 -2019-03-08
CVE-2017-7925 多款大华产品安全漏洞 — Dahua Technology Co., Ltd Digital Video Recorders and IP Cameras 9.8 -2017-05-06
CVE-2017-7923 多款Hikvision产品安全漏洞 — Hikvision Cameras 9.8 -2017-05-06
CVE-2014-5400 Hospira MedNet Password in Configuration File — MedNet 8.4 -2015-04-03

Vulnerabilities classified as CWE-260 (配置文件中存储口令) represent 23 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.