An attacker with a network connection could detect credentials in clear text.
A cleartext transmission of sensitive information vulnerability in the affected products allows an unauthorized remote attacker to gain login credentials and access the Web-UI.
A remote unauthenticated attacker may be able to conduct credential-guessing attacks against user accounts in Sonatype Nexus Repository via authentication endpoints.
Out-of-bounds read in Telnet Client allows an unauthorized attacker to disclose information over a network.
QiHang Media Web Digital Signage 3.0.9 contains a sensitive information disclosure vulnerability that allows remote attackers to intercept user authentication credentials through cleartext cookie tran
An administrator could discover another account's credentials.
Under certain circumstances, attacker can capture the network key, read or write encrypted packets on the PowerG network.
Cleartext transmission of sensitive information in Azure IoT Explorer allows an unauthorized attacker to disclose information over a network.
This vulnerability exists in Digisol DG-GR6821AC Router due to cleartext transmission of credentials in its web management interface. A remote attacker could exploit this vulnerability by intercepting
An unauthenticated remote attacker may use the devices traffic capture without authentication to grab plaintext administrative credentials.
Out-of-bounds read in Windows Telephony Service allows an authorized attacker to disclose information locally.
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to perform spoofing over a network.
An unauthenticated user could discover account credentials via a brute-force attack without rate limiting
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information over a network.
The server supports authentication methods in which credentials are sent in plaintext over unencrypted channels. If an attacker were to intercept traffic between a client and this server, the credenti
Vatilon v1.12.37-20240124 was discovered to transmit user credentials in plaintext.
Exposure of sensitive information to an unauthorized actor in Power Automate allows an authorized attacker to disclose information over a network.
Improper input validation in Windows Active Directory allows an authorized attacker to execute code over an adjacent network.
An authenticated user can disclose the cleartext password of a configured SMTP server via an HTTP GET request to the /config.php endpoint.
Successful exploitation of the vulnerability could allow an unauthenticated attacker to conduct brute force guessing and account takeover as the session cookies are predictable, potentially allowing t
Page 1+ Next →