CWE-257: CWE-257

This vulnerability in Ivanti Endpoint Manager allows a local authenticated attacker to decrypt other users' passwords due to improper encryption imple...

A security vulnerability in HCL Compass allows attackers to bypass authentication mechanisms and gain unauthorized access to the database. This affect...

This vulnerability allows unauthenticated attackers to retrieve the Information Mode password from Unitronics Vision Standard controllers. This affect...

CVE-2025-57796 affects Explorance Blue versions before 8.14.12, using reversible symmetric encryption with a hardcoded static key to protect sensitive...

CVE-2024-32932 allows authenticated users to recover other users' credentials from the web interface under certain circumstances. This affects Johnson...

This CVE describes weak password storage vulnerabilities in ABB's ASPECT, NEXUS, and MATRIX series products. If administrator credentials are compromi...

This vulnerability in Sharp and Toshiba multifunction printers allows decrypted user passwords to be stored in memory before login and potentially ret...

This vulnerability allows remote attackers to gain administrative control of affected systems by exploiting default credentials during the brief setup...

Newforma Info Exchange (NIX) stores encrypted credentials with their encryption key in the same Windows registry location, allowing authenticated user...

RUCKUS Network Director (RND) versions before 4.5 store passwords in a recoverable format instead of using secure hashing. This vulnerability allows a...

This vulnerability in CyberPower PowerPanel Business for Windows exposes the encryption key for stored passwords within the application code, allowing...

This vulnerability in CHOCO TEI WATCHER mini cameras allows attackers who gain physical access to the device's microSD card to recover stored login pa...

This vulnerability in SiPass integrated allows administrators to decrypt and recover user passwords stored in the database. All SiPass integrated vers...

This vulnerability allows attackers to access stored passwords in a recoverable format in Automated Logic WebCTRL and Carrier i-Vu building automation...

Asseco InfoMedica stores user passwords in an encoded format that can be decoded using an algorithm present in the client-side software. This vulnerab...

This vulnerability allows attackers to recover the plaintext Gateway Key from NetSupport Manager client configuration files due to reversible encoding...