• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-522

CVE-2020-13344

February 26, 2023 by

An issue has been discovered in GitLab affecting all versions prior to 13.2.10, 13.3.7 and 13.4.2. Sessions keys are stored in plain-text in Redis which allows attacker with Redis access to authenticate as any user that has a session stored in Redis

CVE-2020-12333

February 26, 2023 by

Insufficiently protected credentials in the Intel(R) QAT for Linux before version 1.7.l.4.10.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2020-12309

February 26, 2023 by

Insufficiently protected credentialsin subsystem in some Intel(R) Client SSDs and some Intel(R) Data Center SSDs may allow an unauthenticated user to potentially enable information disclosure via physical access.

CVE-2020-12316

February 26, 2023 by

Insufficiently protected credentials in the Intel(R) EMA before version 1.3.3 may allow an authorized user to potentially enable information disclosure via local access.

CVE-2020-12273

February 26, 2023 by

In TestLink 1.9.20, a crafted login.php viewer parameter exposes cleartext credentials.

CVE-2020-12061

February 26, 2023 by

An issue was discovered in Nitrokey FIDO U2F firmware through 1.1. Communication between the microcontroller and the secure element transmits credentials in plain. This allows an adversary to eavesdrop the communication and derive the secrets stored in the microcontroller. As a result, the attacker is able to arbitrarily manipulate the firmware of the microcontroller.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 39
  • Go to page 40
  • Go to page 41
  • Go to page 42
  • Go to page 43
  • Interim pages omitted …
  • Go to page 117
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE