Total
778 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-29956 | 1 Broadcom | 1 Brocade Sannav | 2026-06-17 | N/A | 6.5 MEDIUM |
| A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a prints the Brocade SANnav password in clear text in supportsave logs when a user schedules a switch Supportsave from Brocade SANnav. | |||||
| CVE-2024-29954 | 1 Broadcom | 1 Fabric Operating System | 2026-06-17 | N/A | 5.9 MEDIUM |
| A vulnerability in a password management API in Brocade Fabric OS versions before v9.2.1, v9.2.0b, v9.1.1d, and v8.2.3e prints sensitive information in log files. This could allow an authenticated user to view the server passwords for protocols such as scp and sftp. Detail. When the firmwaredownload command is incorrectly entered or points to an erroneous file, the firmware download log captures the failed command, including any password entered in the command line. | |||||
| CVE-2024-29952 | 1 Broadcom | 1 Brocade Sannav | 2026-06-17 | N/A | 5.5 MEDIUM |
| A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a could allow an authenticated user to print the Auth, Priv, and SSL key store passwords in unencrypted logs by manipulating command variables. | |||||
| CVE-2024-29146 | 2026-06-17 | N/A | 5.9 MEDIUM | ||
| User passwords are decrypted and stored on memory before any user logged in. Those decrypted passwords can be retrieved from the coredump file. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References]. | |||||
| CVE-2024-28810 | 1 Nokia | 2 Hit 7300, Hit 7300 Firmware | 2026-06-17 | N/A | 6.6 MEDIUM |
| An issue was discovered in Infinera hiT 7300 5.60.50. Sensitive information inside diagnostic files (exported by the @CT application) allows an attacker to achieve loss of confidentiality by analyzing these files. | |||||
| CVE-2024-28809 | 1 Nokia | 2 Hit 7300, Hit 7300 Firmware | 2026-06-17 | N/A | 8.8 HIGH |
| An issue was discovered in Infinera hiT 7300 5.60.50. Cleartext storage of sensitive password in firmware update packages allows attackers to access various appliance services via hardcoded credentials. | |||||
| CVE-2024-28807 | 1 Nokia | 2 Hit 7300, Hit 7300 Firmware | 2026-06-17 | N/A | 6.5 MEDIUM |
| An issue was discovered in Infinera hiT 7300 5.60.50. Cleartext storage of sensitive information in the memory of the @CT desktop management application allows guest OS administrators to obtain various users' passwords by accessing memory dumps of the desktop application. | |||||
| CVE-2024-28387 | 1 Axonaut | 1 Axonaut | 2026-06-17 | N/A | 7.5 HIGH |
| An issue in axonaut v.3.1.23 and before allows a remote attacker to obtain sensitive information via the log.txt component. | |||||
| CVE-2024-28327 | 2026-06-17 | N/A | 8.4 HIGH | ||
| Asus RT-N12+ B1 router stores user passwords in plaintext, which could allow local attackers to obtain unauthorized access and modify router settings. | |||||
| CVE-2024-28065 | 2026-06-17 | N/A | 5.9 MEDIUM | ||
| In Unify CP IP Phone firmware 1.10.4.3, files are not encrypted and contain sensitive information such as the root password hash. | |||||
| CVE-2024-28024 | 1 Hitachienergy | 2 Foxman-un, Unem | 2026-06-17 | N/A | 4.1 MEDIUM |
| A vulnerability exists in the FOXMAN-UN/UNEM in which sensitive information is stored in cleartext within a resource that might be accessible to another control sphere. | |||||
| CVE-2024-25661 | 1 Nokia | 1 Transcend Network Management System | 2026-06-17 | N/A | 7.7 HIGH |
| In Infinera TNMS (Transcend Network Management System) 19.10.3, cleartext storage of sensitive information in memory of the desktop application TNMS Client allows guest OS administrators to obtain various users' passwords by reading memory dumps of the desktop application. | |||||
| CVE-2024-25658 | 1 Nokia | 1 Transcend Network Management System | 2026-06-17 | N/A | 6.5 MEDIUM |
| Cleartext storage of passwords in Infinera TNMS (Transcend Network Management System) Server 19.10.3 allows attackers (with access to the database or exported configuration files) to obtain SNMP users' usernames and passwords in cleartext. | |||||
| CVE-2024-25024 | 1 Ibm | 2 Cloud Pak For Security, Qradar Suite | 2026-06-17 | N/A | 5.5 MEDIUM |
| IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 281430. | |||||
| CVE-2024-25023 | 1 Ibm | 2 Cloud Pak For Security, Qradar Suite | 2026-06-17 | N/A | 5.5 MEDIUM |
| IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0 through 1.10.22.0 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 281429. | |||||
| CVE-2024-24915 | 2 Checkpoint, Microsoft | 2 Smartconsole, Windows | 2026-06-17 | N/A | 6.1 MEDIUM |
| Credentials are not cleared from memory after being used. A user with Administrator permissions can execute memory dump for SmartConsole process and fetch them. | |||||
| CVE-2024-24488 | 1 Tendacn | 2 Cp3, Cp3 Firmware | 2026-06-17 | N/A | 5.5 MEDIUM |
| An issue in Shenzen Tenda Technology CP3V2.0 V11.10.00.2311090948 allows a local attacker to obtain sensitive information via the password component. | |||||
| CVE-2024-24375 | 1 Jfinalcms Project | 1 Jfinalcms | 2026-06-17 | N/A | 7.5 HIGH |
| SQL injection vulnerability in Jfinalcms v.5.0.0 allows a remote attacker to obtain sensitive information via /admin/admin name parameter. | |||||
| CVE-2024-23942 | 2026-06-17 | N/A | 7.1 HIGH | ||
| A local user may find a configuration file on the client workstation with unencrypted sensitive data. This allows an attacker to impersonate the device or prevent the device from accessing the cloud portal which leads to a DoS. | |||||
| CVE-2024-23584 | 2026-06-17 | N/A | 6.6 MEDIUM | ||
| The NMAP Importer service? may expose data store credentials to authorized users of the Windows Registry. | |||||