Jenkins Artifactory Plugin 3.6.0 and earlier transmits configured passwords in plain text as part of its global Jenkins configuration form, potentially resulting in their exposure.
Arial Campaign Enterprise before 11.0.551 stores passwords in clear text and these may be retrieved.
General Electric D20ME devices are not properly configured and reveal plaintext passwords.
webauth before 4.6.1 has authentication credential disclosure
Brother MFC-9970CDW devices with firmware 0D allow cleartext submission of passwords.
The Loftek Nexus 543 IP Camera stores passwords in cleartext, which allows remote attackers to obtain sensitive information via an HTTP GET request to check_users.cgi. NOTE: cleartext passwords can al...
Hardcoded WSMan credentials in Intelligent Platform Management Interface (IPMI) with firmware for Supermicro X9 generation motherboards before 3.15 (SMT_X9_315) and firmware for Supermicro X8 generati...