Vulnerabilities > Cleartext Storage of Sensitive Information
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-08-03 | CVE-2021-33323 | Cleartext Storage of Sensitive Information vulnerability in Liferay DXP and Liferay Portal The Dynamic Data Mapping module in Liferay Portal 7.1.0 through 7.3.2, and Liferay DXP 7.1 before fix pack 19, and 7.2 before fix pack 7, autosaves form values for unauthenticated users, which allows remote attackers to view the autosaved values by viewing the form as an unauthenticated user. | 5.0 |
2021-08-03 | CVE-2021-33325 | Cleartext Storage of Sensitive Information vulnerability in Liferay DXP 7.0 The Portal Workflow module in Liferay Portal 7.3.2 and earlier, and Liferay DXP 7.0 before fix pack 93, 7.1 before fix pack 19, and 7.2 before fix pack 7, user's clear text passwords are stored in the database if workflow is enabled for user creation, which allows attackers with access to the database to obtain a user's password. | 4.0 |
2021-07-25 | CVE-2021-37452 | Cleartext Storage of Sensitive Information vulnerability in NCH Quorum NCH Quorum v2.03 and earlier allows local users to discover cleartext login information relating to users by reading the local .dat configuration files. | 2.1 |
2021-07-25 | CVE-2021-37468 | Cleartext Storage of Sensitive Information vulnerability in NCH Reflect Customer Relationship Management NCH Reflect CRM 3.01 allows local users to discover cleartext user account information by reading the configuration files. | 2.1 |
2021-07-22 | CVE-2021-31581 | Cleartext Storage of Sensitive Information vulnerability in Akkadianlabs OVA Appliance and Provisioning Manager The restricted shell provided by Akkadian Provisioning Manager Engine (PME) can be escaped by abusing the 'Edit MySQL Configuration' command. | 2.1 |
2021-07-19 | CVE-2020-22741 | Cleartext Storage of Sensitive Information vulnerability in Baidu Xuperchain 3.6.0 An issue was discovered in Xuperchain 3.6.0 that allows for attackers to recover any arbitrary users' private key after obtaining the partial signature in multisignature. | 5.0 |
2021-07-15 | CVE-2021-20510 | Cleartext Storage of Sensitive Information vulnerability in IBM Security Verify Access 10.0.0 IBM Security Verify Access Docker 10.0.0 stores user credentials in plain clear text which can be read by a local user. | 2.1 |
2021-07-15 | CVE-2020-12731 | Cleartext Storage of Sensitive Information vulnerability in Magicsmotion Flamingo 2 Firmware The MagicMotion Flamingo 2 application for Android stores data on an sdcard under com.vt.magicmotion/files/Pictures, whence it can be read by other applications. | 5.0 |
2021-07-08 | CVE-2021-31816 | Cleartext Storage of Sensitive Information vulnerability in Octopus Server When configuring Octopus Server if it is configured with an external SQL database, on initial configuration the database password is written to the OctopusServer.txt log file in plaintext. | 7.5 |
2021-07-08 | CVE-2021-31817 | Cleartext Storage of Sensitive Information vulnerability in Octopus Server When configuring Octopus Server if it is configured with an external SQL database, on initial configuration the database password is written to the OctopusServer.txt log file in plaintext. | 7.5 |