An issue was discovered in Grafana through 7.3.4, when integrated with Zabbix. The Zabbix passw…

An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55.…

An issue was discovered on FiberHome HG6245D devices through RP2613. It is possible to find pas…

An issue was discovered on FiberHome HG6245D devices through RP2613. wifictl_5g.cfg has clearte…

An issue was discovered on FiberHome HG6245D devices through RP2613. wifi_custom.cfg has cleart…

An issue was discovered on FiberHome HG6245D devices through RP2613. Some passwords are stored …

An issue was discovered on FiberHome HG6245D devices through RP2613. wifictl_2g.cfg has clearte…

rap2hpoutre Laravel Log Viewer before v0.13.0 relies on Base64 encoding for l, dl, and del requ…

Cisco Linksys E4200 1.0.05 Build 7 devices store passwords in cleartext allowing remote attacke…

The .NET SDK WebForm Viewer in SAP Crystal Reports for Visual Studio (fixed in version 2010) di…

Webvisit in Phoenix Contact ILC PLCs offers a password macro to protect HMI pages on the PLC ag…

The UCM6200 series 1.0.20.22 and below stores unencrypted user passwords in an SQLite database.…

The /password.html page of the Web management interface of the Acexy Wireless-N WiFi Repeater R…

An issue was discovered in the MakeMyTrip application 7.2.4 for Android. The databases (locally…

KeePass through 2.53 (in a default installation) allows an attacker, who has write access to th…

The icmp_check_sysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the …

mySCADA myPRO Manager stores credentials in cleartext, which could allow an attacker to obtai…

The D-Link DIR-300 router stores cleartext passwords, which allows context-dependent attackers …

SepCity Classified Ads stores the admin password in cleartext in data/classifieds.mdb, which al…

A Cleartext Storage of Sensitive Information vulnerability in SUSE Rancher allows authenticated…

Xitami 2.4 through 2.5 b4 stores the Administrator password in plaintext in the default.aut fil…

The AD Helper component in WatchGuard Fireware before 5.8.5.10317 allows remote attackers to di…

A vulnerability in the “Backup & Restore” functionality of the web application of ctrlX OS allo…

In Airflow versions prior to 1.10.13, when creating a user using airflow CLI, the password gets…

iChat in Apple Mac OS X 10.5 before 10.5.7 disables SSL for AOL Instant Messenger (AIM) communi…

A remote privilege escalation vulnerability was identified in HPE Intelligent Management Center…

An unauthenticated remote attacker may be able to execute commands to view wireless account cre…

IMail stores usernames and passwords in cleartext in a cookie, which allows remote attackers to…

GE Fanuc Proficy Real-Time Information Portal 2.6 and earlier uses HTTP Basic Authentication, w…

An issue was discovered in TSplus Remote Access through 16.0.2.14. Credentials are stored as cl…

UserView_list.php in PHPRunner 4.2, and possibly earlier, stores passwords in cleartext in the …

Fronius Solar Inverter devices before 3.14.1 (HM 1.12.1) allow attackers to bypass authenticati…

A LogoFAIL issue was discovered in BmpDecoderDxe in Insyde InsydeH2O with kernel 5.2 before 05.…

Amazon AWS SDK <=2.8.5 for Android uses Android SharedPreferences to store plain text AWS STS T…

In JetBrains PyCharm 2019.2.5 and 2019.3 on Windows, Apple Notarization Service credentials wer…

WordPress 4.8.2 stores cleartext wp_signups.activation_key values (but stores the analogous wp_…

There is a file disclosure vulnerability in SMF (Simple Machines Forum) affecting versions thro…

FileZilla v3.59.0 allows attackers to obtain cleartext passwords of connected SSH or FTP server…

Jenkins Port Allocator Plugin stores credentials unencrypted in job config.xml files on the Jen…

Jenkins Gogs Plugin stored credentials unencrypted in job config.xml files on the Jenkins maste…