Vulnerabilities > Cleartext Storage of Sensitive Information

DATE CVE VULNERABILITY TITLE RISK
2022-10-27 CVE-2022-39364 Cleartext Storage of Sensitive Information vulnerability in Nextcloud Enterprise Server and Nextcloud Server
Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform.
network
low complexity
nextcloud CWE-312
6.5
2022-10-25 CVE-2022-39351 Cleartext Storage of Sensitive Information vulnerability in Owasp Dependency-Track
Dependency-Track is a Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
local
low complexity
owasp CWE-312
4.4
2022-10-17 CVE-2022-3540 Cleartext Storage of Sensitive Information vulnerability in Hunter2 Project Hunter2
An issue has been discovered in hunter2 affecting all versions before 2.1.0.
network
low complexity
hunter2-project CWE-312
6.5
2022-10-12 CVE-2022-33918 Cleartext Storage of Sensitive Information vulnerability in Dell Geodrive
Dell GeoDrive, Versions 2.1 - 2.2, contains an information disclosure vulnerability.
local
low complexity
dell CWE-312
5.5
2022-09-29 CVE-2015-1931 Cleartext Storage of Sensitive Information vulnerability in multiple products
IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR1 FP10, 7 R1 before SR3 FP10, 7 before SR9 FP10, 6 R1 before SR8 FP7, 6 before SR16 FP7, and 5.0 before SR16 FP13 stores plaintext information in memory dumps, which allows local users to obtain sensitive information by reading a file.
local
low complexity
ibm suse redhat CWE-312
5.5
2022-09-29 CVE-2020-15325 Cleartext Storage of Sensitive Information vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded Erlang cookie for ejabberd replication.
network
low complexity
zyxel CWE-312
5.3
2022-09-29 CVE-2020-15332 Cleartext Storage of Sensitive Information vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has weak /opt/axess/etc/default/axess permissions.
network
low complexity
zyxel CWE-312
critical
9.8
2022-09-21 CVE-2022-41248 Cleartext Storage of Sensitive Information vulnerability in Jenkins Bigpanda Notifier
Jenkins BigPanda Notifier Plugin 1.4.0 and earlier does not mask the BigPanda API key on the global configuration form, increasing the potential for attackers to observe and capture it.
network
low complexity
jenkins CWE-312
5.3
2022-09-09 CVE-2022-26390 Cleartext Storage of Sensitive Information vulnerability in Baxter products
The Baxter Spectrum Wireless Battery Module (WBM) stores network credentials and PHI (only applicable to Spectrum IQ pumps using auto programming) in unencrypted form.
high complexity
baxter CWE-312
4.2
2022-09-08 CVE-2022-37857 Cleartext Storage of Sensitive Information vulnerability in Hauk Project Hauk 1.6.1
bilde2910 Hauk v1.6.1 requires a hardcoded password which by default is blank.
network
low complexity
hauk-project CWE-312
7.5