Vulnerabilities > Cleartext Storage of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-04 | CVE-2024-10523 | Cleartext Storage of Sensitive Information vulnerability in Tp-Link Tapo H100 Firmware This vulnerability exists in TP-Link IoT Smart Hub due to storage of Wi-Fi credentials in plain text within the device firmware. | 4.6 |
| 2024-10-29 | CVE-2024-7783 | Cleartext Storage of Sensitive Information vulnerability in Mintplexlabs Anythingllm 0.0.1/0.1.0 mintplex-labs/anything-llm version latest contains a vulnerability where sensitive information, specifically a password, is improperly stored within a JWT (JSON Web Token) used as a bearer token in single user mode. | 7.5 |
| 2024-10-09 | CVE-2024-9466 | Cleartext Storage of Sensitive Information vulnerability in Paloaltonetworks Expedition A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall usernames, passwords, and API keys generated using those credentials. | 6.5 |
| 2024-10-04 | CVE-2024-6400 | Cleartext Storage of Sensitive Information vulnerability in Finrota Cleartext Storage of Sensitive Information vulnerability in Finrota Netahsilat allows Retrieve Embedded Sensitive Data.This issue solved in versions 1.21.10, 1.23.01, 1.23.08, 1.23.11 and 1.24.03. | 7.5 |
| 2024-10-02 | CVE-2024-20448 | Cleartext Storage of Sensitive Information vulnerability in Cisco Nexus Dashboard Fabric Controller A vulnerability in the Cisco Nexus Dashboard Fabric Controller (NDFC) software, formerly Cisco Data Center Network Manager (DCNM), could allow an attacker with access to a backup file to view sensitive information. This vulnerability is due to the improper storage of sensitive information within config only and full backup files. | 8.6 |
| 2024-09-30 | CVE-2024-8459 | Cleartext Storage of Sensitive Information vulnerability in Planet Gs-4210-24P2S Firmware and Gs-4210-24Pl4C Firmware Certain switch models from PLANET Technology store SNMPv3 users' passwords in plaintext within the configuration files, allowing remote attackers with administrator privileges to read the file and obtain the credentials. | 4.9 |
| 2024-09-27 | CVE-2024-8644 | Cleartext Storage of Sensitive Information vulnerability in Oceanicsoft Valeapp Cleartext Storage of Sensitive Information in a Cookie vulnerability in Oceanic Software ValeApp allows Protocol Manipulation, : JSON Hijacking (aka JavaScript Hijacking).This issue affects ValeApp: before v2.0.0. | 7.5 |
| 2024-09-26 | CVE-2024-7259 | A flaw was found in oVirt. | 4.4 |
| 2024-09-25 | CVE-2023-5359 | Cleartext Storage of Sensitive Information vulnerability in Boldgrid W3 Total Cache The W3 Total Cache plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.7.5 via Google OAuth API secrets stored in plaintext in the publicly visible plugin source. | 7.5 |
| 2024-09-21 | CVE-2024-6785 | Cleartext Storage of Sensitive Information vulnerability in Moxa Mxview ONE and Mxview ONE Central Manager The configuration file stores credentials in cleartext. | 7.1 |