Vulnerabilities > Cleartext Storage of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-02 | CVE-2020-11923 | Cleartext Storage of Sensitive Information vulnerability in Wizconnected WIZ 1.14.0 An issue was discovered in WiZ Colors A60 1.14.0. | 2.1 |
| 2021-03-30 | CVE-2020-4944 | Cleartext Storage of Sensitive Information vulnerability in IBM Urbancode Deploy IBM UrbanCode Deploy (UCD) 7.0.3.0, 7.0.4.0, 7.0.5.3, 7.0.5.4, 7.1.0.0, 7.1.1.0, 7.1.1.1, and 7.1.1.2, stores keystore passwords in plain text after a manual edit, which can be read by a local user. | 2.1 |
| 2021-03-30 | CVE-2020-4884 | Cleartext Storage of Sensitive Information vulnerability in IBM Urbancode Deploy 6.2.7.9/7.0.5.4/7.1.1.1 IBM UrbanCode Deploy (UCD) 6.2.7.9, 7.0.5.4, and 7.1.1.1 stores user credentials in plain in clear text which can be read by a local user. | 2.1 |
| 2021-03-29 | CVE-2021-28937 | Cleartext Storage of Sensitive Information vulnerability in Acexy Wireless-N Wifi Repeater Firmware 28.08.06.1 The /password.html page of the Web management interface of the Acexy Wireless-N WiFi Repeater REV 1.0 (28.08.06.1) contains the administrator account password in plaintext. | 5.0 |
| 2021-03-26 | CVE-2021-22194 | Cleartext Storage of Sensitive Information vulnerability in Gitlab In all versions of GitLab, marshalled session keys were being stored in Redis. | 2.1 |
| 2021-03-23 | CVE-2021-21339 | Cleartext Storage of Sensitive Information vulnerability in Typo3 TYPO3 is an open source PHP based web content management system. | 5.0 |
| 2021-03-17 | CVE-2020-35455 | Cleartext Storage of Sensitive Information vulnerability in Taidii Diibear 2.4.0 The Taidii Diibear Android application 2.4.0 and all its derivatives allow attackers to obtain user credentials from Shared Preferences and the SQLite database because of insecure data storage. | 2.1 |
| 2021-03-17 | CVE-2020-35454 | Cleartext Storage of Sensitive Information vulnerability in Taidii Diibear 2.4.0 The Taidii Diibear Android application 2.4.0 and all its derivatives allow attackers to obtain user credentials from an Android backup because of insecure application configuration. | 2.1 |
| 2021-03-15 | CVE-2021-28374 | Cleartext Storage of Sensitive Information vulnerability in Debian Courier-Authlib and Debian Linux The Debian courier-authlib package before 0.71.1-2 for Courier Authentication Library creates a /run/courier/authdaemon directory with weak permissions, allowing an attacker to read user information. | 5.0 |
| 2021-02-23 | CVE-2021-26595 | Cleartext Storage of Sensitive Information vulnerability in Rangerstudio Directus In Directus 8.x through 8.8.1, an attacker can learn sensitive information such as the version of the CMS, the PHP version used by the site, and the name of the DBMS, simply by view the result of the api-aa, called automatically upon a connection. | 5.3 |