Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-522 (不充分的凭证保护机制) — Vulnerability Class 366

366 vulnerabilities classified as CWE-522 (不充分的凭证保护机制). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-64898 ColdFusion | Insufficiently Protected Credentials (CWE-522) — ColdFusion 4.3 Medium2025-12-09
CVE-2025-13164 Digiwin|EasyFlow GP - Insufficiently Protected Credentials — EasyFlow GP 4.9 Medium2025-11-17
CVE-2025-13163 Digiwin|EasyFlow GP - Insufficiently Protected Credentials — EasyFlow GP 4.9 Medium2025-11-17
CVE-2025-36096 AIX Insufficiently Protected Credentials — AIX 9.0 Critical2025-11-13
CVE-2025-6571 AXIS OS 安全漏洞 — AXIS OS 6.0 Medium2025-11-11
CVE-2025-42897 Information Disclosure vulnerability in SAP Business One (SLD) — SAP Business One (SLD) 5.3 Medium2025-11-11
CVE-2025-12636 Ubia Ubox — Ubox Android 6.5 Medium2025-11-06
CVE-2025-54863 Insufficiently Protected Credentials in Radiometrics VizAir — VizAir 10.0 Critical2025-11-04
CVE-2025-12461 Unprotected access to parts of the application in Epsilon RH by Grupo Castilla — Epsilon RH 5.3AIMediumAI2025-10-29
CVE-2025-62794 GitHub Workflow Updater stored the optional Github token in plaintext — github-workflow-updater-extension 3.8 Low2025-10-28
CVE-2025-54808 Oxford Nanopore Technologies MinKNOW Insufficiently Protected Credentials — MinKNOW 7.8 High2025-10-23
CVE-2024-42192 HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a credential leakage — Traveler for Microsoft Outlook 5.5 Medium2025-10-16
CVE-2025-62157 Argo Workflows exposes artifact repository credentials in workflow-controller logs — argo-workflows 8.1AIHighAI2025-10-14
CVE-2025-61776 Dependency-Track possibly discloses private NuGet repository credentials to api.nuget.org — dependency-track 4.7 Medium2025-10-07
CVE-2025-37728 Kibana Insufficiently Protected Credentials in the CrowdStrike Connector — Kibana 5.4 Medium2025-10-07
CVE-2025-27231 LDAP 'Bind password' field value can be leaked by a Zabbix Super Admin — Zabbix 4.9 -2025-10-03
CVE-2025-34207 Vasion Print (formerly PrinterLogic) Insecure SSH Client Configuration — Print Virtual Appliance Host 9.8AICriticalAI2025-09-29
CVE-2025-10880 Insufficiently Protected Credentials in Dingtian DT-R002 — DT-R002 7.5AIHighAI2025-09-25
CVE-2025-10879 Insufficiently Protected Credentials in Dingtian DT-R002 — DT-R002 5.3AIMediumAI2025-09-25
CVE-2025-40838 Ericsson Indoor Connect 8855 - Insufficiently Protected Credentials Vulnerability — Indoor Connect 8855 7.5AIHighAI2025-09-25
CVE-2025-10360 Insufficiently Protected Credentials in Puppet Enterprise 2025.4 and 2025.5 — Puppet Enterprise 4.4AIMediumAI2025-09-24
CVE-2025-54467 NeuVector process with sensitive arguments lead to leakage — neuvector 5.3 Medium2025-09-17
CVE-2025-23342 NVIDIA NVDebug 安全漏洞 — NVDebug tool 8.2 High2025-09-09
CVE-2025-42933 Insecure Storage of Sensitive Information in SAP Business One (SLD) — SAP Business One (SLD) 8.8 High2025-09-09
CVE-2025-41682 Credential Disclosure via Insecure Storage on Charge Controller — CC612 8.8 High2025-09-08
CVE-2025-58366 Onyxia private helm repository credentials are leaked through unauthenticated API — onyxia 9.1AICriticalAI2025-09-05
CVE-2025-52549 Predictable root linux password generation — E3 Supervisory Control 9.8AICriticalAI2025-09-02
CVE-2025-52545 Privilege escalation in the application services — E3 Supervisory Control 9.1AICriticalAI2025-09-02
CVE-2025-6519 Consistent predictable generation of the password for the default admin user "ONEDAY" to the application services — E3 Supervisory Control 9.8AICriticalAI2025-09-02
CVE-2025-55306 GenX_FX authentication bypass in JWT validation — GenX_FX 9.8 Critical2025-08-19

Vulnerabilities classified as CWE-522 (不充分的凭证保护机制) represent 366 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.