Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-522 (不充分的凭证保护机制) — Vulnerability Class 367

367 vulnerabilities classified as CWE-522 (不充分的凭证保护机制). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-41677 Fortinet FortiProxy 安全漏洞 — FortiOS 7.5 High2024-04-09
CVE-2023-50311 IBM CICS Transaction Gateway for Multiplatforms information disclosure — CICS Transaction Gateway for Multiplatforms 3.1 Low2024-03-31
CVE-2021-38938 IBM Host Access Transformation Services information disclosure — Host Access Transformation Services 6.2 Medium2024-03-15
CVE-2024-0368 Hustle <= 7.8.3 - Sensitive Information Exposure via Exposed Hubspot API Keys — Hustle – Email Marketing, Lead Generation, Optins, Popups 8.6 High2024-03-13
CVE-2024-28110 Go SDK for CloudEvents's use of WithRoundTripper to create a Client leaks credentials — sdk-go 7.5 High2024-03-06
CVE-2024-21815 Gallagher Command Centre 安全漏洞 — Command Centre Server 9.1 Critical2024-03-05
CVE-2023-6259 Local Access to Sensitive Data in Brivo ACS100 and ACS300 — ACS100, ACS300 7.1 High2024-02-19
CVE-2023-4538 Shared Key in Comarch ERP XL — ERP XL 6.2 Medium2024-02-15
CVE-2023-27975 Schneider Electric Modicon M340 安全漏洞 — EcoStruxure Control Expert 7.1 High2024-02-14
CVE-2024-23306 BIG-IP Next CNF & SPK vulnerability — BIG-IP Next SPK 7.1 High2024-02-14
CVE-2022-34311 IBM CICS TX session fixation — CICS TX Standard 4.3 Medium2024-02-12
CVE-2023-50291 Apache Solr: System Property redaction logic inconsistency can lead to leaked passwords — Apache Solr 7.5 -2024-02-09
CVE-2024-24595 Allegro AI ClearML 安全漏洞 — ClearML 6.0 Medium2024-02-05
CVE-2023-29055 Apache Kylin: Insufficiently protected credentials in config file — Apache Kylin 9.8 -2024-01-29
CVE-2023-29447 Insufficiently Protected Credentials in PTC's Kepware KEPServerEX — Kepware KEPServerEX 5.7 Medium2024-01-10
CVE-2023-32268 Administrator equivalent Filr user can access proxy administrator credentials — Filr 7.2 High2023-12-06
CVE-2023-49280 Data leak of password hash through xwiki change request — application-changerequest 7.7 High2023-12-04
CVE-2023-6254 Password is send back to client — OTRS 8.1 High2023-11-27
CVE-2023-26221 TIBCO Spotfire Insufficiently Protected Credential vulnerability — Spotfire Analyst 5.0 Medium2023-11-08
CVE-2023-23370 QVPN Device Client — QVPN Windows 6.7 Medium2023-10-06
CVE-2023-44158 Acronis Cyber Protect 安全漏洞 — Acronis Cyber Protect 15 7.5 -2023-09-27
CVE-2023-43631 SSH as Root Unlockable Without Triggering Measured Boot — EVE OS 8.8 High2023-09-21
CVE-2023-43633 Debug Functions Unlockable Without Triggering Measured Boot — EVE OS 8.8 High2023-09-21
CVE-2023-43634 Config Partition Not Protected by Measured Boot — EVE OS 8.8 High2023-09-21
CVE-2023-43635 Vault Key Sealed With SHA1 PCRs — EVE OS 8.8 High2023-09-20
CVE-2023-43630 Config Partition Not Measured From 2 Fronts — EVE OS 8.8 High2023-09-20
CVE-2023-25532 NVIDIA DGX 安全漏洞 — DGX H100 BMC 6.5 Medium2023-09-20
CVE-2023-25531 NVIDIA DGX 安全漏洞 — DGX H100 BMC 7.6 High2023-09-20
CVE-2023-3251 Pass-back vulnerability in Nessus — Nessus 4.1 Medium2023-08-29
CVE-2023-40173 Unsalted passwords in fobybus/social-media-skeleton — social-media-skeleton 7.5 High2023-08-18

Vulnerabilities classified as CWE-522 (不充分的凭证保护机制) represent 367 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.