Vulnerabilities > Cleartext Storage of Sensitive Information
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-02-07 | CVE-2024-24488 | Cleartext Storage of Sensitive Information vulnerability in Tendacn CP3 Firmware 11.10.00.2311090948 An issue in Shenzen Tenda Technology CP3V2.0 V11.10.00.2311090948 allows a local attacker to obtain sensitive information via the password component. | 5.5 |
2024-02-07 | CVE-2023-31002 | Cleartext Storage of Sensitive Information vulnerability in IBM Security Access Manager Container IBM Security Access Manager Container 10.0.0.0 through 10.0.6.1 temporarily stores sensitive information in files that could be accessed by a local user. | 5.5 |
2024-01-24 | CVE-2023-51702 | Cleartext Storage of Sensitive Information vulnerability in Apache Airflow and Airflow Cncf Kubernetes Since version 5.2.0, when using deferrable mode with the path of a Kubernetes configuration file for authentication, the Airflow worker serializes this configuration file as a dictionary and sends it to the triggerer by storing it in metadata without any encryption. | 6.5 |
2024-01-09 | CVE-2023-27098 | Cleartext Storage of Sensitive Information vulnerability in Tp-Link Tapo TP-Link Tapo APK up to v2.12.703 uses hardcoded credentials for access to the login panel. | 7.5 |
2023-12-26 | CVE-2023-6250 | Cleartext Storage of Sensitive Information vulnerability in Bestwebsoft Like & Share The BestWebSoft's Like & Share WordPress plugin before 2.74 discloses the content of password protected posts to unauthenticated users via a meta tag | 7.5 |
2023-12-26 | CVE-2023-50294 | Cleartext Storage of Sensitive Information vulnerability in Weseek Growi The App Settings (/admin/app) page in GROWI versions prior to v6.0.6 stores sensitive information in cleartext form. | 6.5 |
2023-12-18 | CVE-2023-5384 | Cleartext Storage of Sensitive Information vulnerability in multiple products A flaw was found in Infinispan. | 2.7 |
2023-12-15 | CVE-2023-50719 | Cleartext Storage of Sensitive Information vulnerability in Xwiki XWiki Platform is a generic wiki platform. | 7.5 |
2023-12-13 | CVE-2023-50772 | Cleartext Storage of Sensitive Information vulnerability in Jenkins Dingding Json Pusher Jenkins Dingding JSON Pusher Plugin 2.0 and earlier stores access tokens unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. | 4.3 |
2023-12-13 | CVE-2023-50773 | Cleartext Storage of Sensitive Information vulnerability in Jenkins Dingding Json Pusher Jenkins Dingding JSON Pusher Plugin 2.0 and earlier does not mask access tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them. | 4.3 |