CWE-CWE-255 CVE

Filtered by CWE-255

Total 725 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2016-0898	1 Vmware	1 Pivotal Software Mysql	2024-02-28	5.0 MEDIUM	10.0 CRITICAL
MySQL for PCF tiles 1.7.x before 1.7.10 were discovered to log the AWS access key in plaintext. These credentials were logged to the Service Backup component logs, and not the system log, thus were not exposed outside the Service Backup VM.
CVE-2016-6538	1 Thetrackr	2 Trackr Bravo, Trackr Bravo Firmware	2024-02-28	3.3 LOW	8.8 HIGH
The TrackR Bravo mobile app stores the account password used to authenticate to the cloud API in cleartext in the cache.db file. Updated apps, version 5.1.6 for iOS and 2.2.5 for Android, have been released by the vendor to address the vulnerabilities in CVE-2016-6538, CVE-2016-6539, CVE-2016-6540 and CVE-2016-6541.
CVE-2014-6111	1 Ibm	2 Security Identity Manager, Tivoli Identity Manager	2024-02-28	2.1 LOW	7.8 HIGH
IBM Tivoli Identity Manager 5.1.x before 5.1.0.15-ISS-TIM-IF0057 and Security Identity Manager 6.0.x before 6.0.0.4-ISS-SIM-IF0001 and 7.0.x before 7.0.0.0-ISS-SIM-IF0003 store encrypted user credentials and the keystore password in cleartext in configuration files, which allows local users to decrypt SIM credentials via unspecified vectors. IBM X-Force ID: 96180.
CVE-2014-0872	1 Ibm	1 Security Key Lifecycle Manager	2024-02-28	1.5 LOW	4.1 MEDIUM
The installation process in IBM Security Key Lifecycle Manager 2.5 stores unencrypted credentials, which might allow local users to obtain sensitive information by leveraging root access. IBM X-Force ID: 90988.
CVE-2008-1271			2024-02-28	N/A	N/A
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-1218. Reason: This candidate is a duplicate of CVE-2008-1218. Notes: All CVE users should reference CVE-2008-1218 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage

Vulnerabilities (CVE)