Total
7 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-26401 | 2025-04-04 | N/A | N/A | ||
| Weak encoding for password vulnerability exists in HMI ViewJet C-more series. If this vulnerability is exploited, authentication information may be obtained by a local authenticated attacker. | |||||
| CVE-2025-2862 | 2025-03-28 | N/A | N/A | ||
| SaTECH BCU, in its firmware version 2.1.3, performs weak password encryption. This allows an attacker with access to the device's system or website to obtain the credentials, as the storage methods used are not strong enough in terms of encryption. | |||||
| CVE-2024-7407 | 2025-03-28 | N/A | N/A | ||
| Use of a custom password encoding algorithm in Streamsoft Prestiz software allows straightforward decoding of passwords using their encoded forms, which are stored in the application's database. One has to know the encoding algorithm, but it can be deduced by observing how password are transformed. This issue was fixed in 18.2.377 version of the software. | |||||
| CVE-2024-23492 | 2024-08-01 | N/A | N/A | ||
| A weak encoding is used to transmit credentials for WS203VICM. | |||||
| CVE-2024-5434 | 2024-05-29 | N/A | N/A | ||
| The Campbell Scientific CSI Web Server stores web authentication credentials in a file with a specific file name. Passwords within that file are stored in a weakly encoded format. There is no known way to remotely access the file unless it has been manually renamed. However, if an attacker were to gain access to the file, passwords could be decoded and reused to gain access. | |||||
| CVE-2024-0556 | 1 Xantech | 2 Wic1200, Wic1200 Firmware | 2024-01-23 | N/A | 6.5 MEDIUM |
| A Weak Cryptography for Passwords vulnerability has been detected on WIC200 affecting version 1.1. This vulnerability allows a remote user to intercept the traffic and retrieve the credentials from another user and decode it in base64 allowing the attacker to see the credentials in plain text. | |||||
| CVE-2023-0356 | 1 Socomec | 2 Modulys Gp, Net Vision | 2023-11-07 | N/A | 7.5 HIGH |
| SOCOMEC MODULYS GP Netvision versions 7.20 and prior lack strong encryption for credentials on HTTP connections, which could result in threat actors obtaining sensitive information. | |||||