Total
11 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-57789 | 2025-08-20 | N/A | N/A | ||
| An issue was discovered in Commvault before 11.36.60. During the brief window between installation and the first administrator login, remote attackers may exploit the default credential to gain admin control. This is limited to the setup phase, before any jobs have been configured. | |||||
| CVE-2025-44958 | 2025-08-04 | N/A | N/A | ||
| RUCKUS Network Director (RND) before 4.5 stores passwords in a recoverable format. | |||||
| CVE-2024-32122 | 1 Fortinet | 1 Fortios | 2025-07-18 | N/A | 4.4 MEDIUM |
| A storing passwords in a recoverable format in Fortinet FortiOS versions 7.2.0 through 7.2.1 allows attacker to information disclosure via modification of LDAP server IP to point to a malicious server. | |||||
| CVE-2025-6996 | 1 Ivanti | 1 Endpoint Manager | 2025-07-11 | N/A | N/A |
| Improper use of encryption in the agent of Ivanti Endpoint Manager before version 2024 SU3 and 2022 SU8 Security Update 1 allows a local authenticated attacker to decrypt other users’ passwords. | |||||
| CVE-2025-6995 | 1 Ivanti | 1 Endpoint Manager | 2025-07-11 | N/A | N/A |
| Improper use of encryption in the agent of Ivanti Endpoint Manager before version 2024 SU3 and 2022 SU8 Security Update 1 allows a local authenticated attacker to decrypt other users’ passwords. | |||||
| CVE-2024-51552 | 2025-05-22 | N/A | N/A | ||
| Weak password storage vulnerabilities exist in ASPECT if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*. | |||||
| CVE-2025-24852 | 2025-03-31 | N/A | N/A | ||
| Storing passwords in a recoverable format issue exists in CHOCO TEI WATCHER mini (IB-MCT001) all versions. If this issue is exploited, an attacker who can access the microSD card used on the product may obtain the product login password. | |||||
| CVE-2024-8774 | 2025-03-24 | N/A | N/A | ||
| The SIMPLE.ERP client stores superuser password in a recoverable format, allowing any authenticated SIMPLE.ERP user to escalate privileges to a database administrator. This issue affect SIMPLE.ERP from 6.20 through 6.30. Only the 6.30 version received a patch 6.30@a03.9, which removed the vulnerability. Versions 6.20 and 6.25 remain unpatched. | |||||
| CVE-2023-38738 | 3 Ibm, Linux, Microsoft | 3 Openpages With Watson, Linux Kernel, Windows | 2024-01-24 | N/A | 8.1 HIGH |
| IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in a OpenPages environment using Native authentication. If OpenPages is using Native authentication an attacker with access to the OpenPages database could through a series of specially crafted steps could exploit this weakness and gain unauthorized access to other OpenPages accounts. IBM X-Force ID: 262594. | |||||
| CVE-2023-31001 | 1 Ibm | 2 Security Verify Access, Security Verify Access Docker | 2024-01-18 | N/A | 5.5 MEDIUM |
| IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.6.1) temporarily stores sensitive information in files that could be accessed by a local user. IBM X-Force ID: 254653. | |||||
| CVE-2021-27485 | 1 Zoll | 1 Defibrillator Dashboard | 2021-06-21 | 5.0 MEDIUM | 7.5 HIGH |
| ZOLL Defibrillator Dashboard, v prior to 2.2,The application allows users to store their passwords in a recoverable format, which could allow an attacker to retrieve the credentials from the web browser. | |||||