Vulnerabilities > Cleartext Storage of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-12 | CVE-2024-41629 | Cleartext Storage of Sensitive Information vulnerability in TI Fusion Digital Power Designer 7.10.1 An issue in Texas Instruments Fusion Digital Power Designer v.7.10.1 allows a local attacker to obtain sensitive information via the plaintext storage of credentials | 5.5 |
| 2024-09-10 | CVE-2024-35282 | Cleartext Storage of Sensitive Information vulnerability in Fortinet Forticlient A cleartext storage of sensitive information in memory vulnerability [CWE-316] affecting FortiClient VPN iOS 7.2 all versions, 7.0 all versions, 6.4 all versions, 6.2 all versions, 6.0 all versions may allow an unauthenticated attacker that has physical access to a jailbroken device to obtain cleartext passwords via keychain dump. | 4.6 |
| 2024-09-04 | CVE-2024-45004 | Cleartext Storage of Sensitive Information vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: dcp: fix leak of blob encryption key Trusted keys unseal the key blob on load, but keep the sealed payload in the blob field so that every subsequent read (export) will simply convert this field to hex and send it to userspace. With DCP-based trusted keys, we decrypt the blob encryption key (BEK) in the Kernel due hardware limitations and then decrypt the blob payload. BEK decryption is done in-place which means that the trusted key blob field is modified and it consequently holds the BEK in plain text. Every subsequent read of that key thus send the plain text BEK instead of the encrypted BEK to userspace. This issue only occurs when importing a trusted DCP-based key and then exporting it again. | 5.5 |
| 2024-09-04 | CVE-2024-41716 | Cleartext Storage of Sensitive Information vulnerability in Idec Windldr and Windo/I-Nv4 Cleartext storage of sensitive information vulnerability exists in WindLDR and WindO/I-NV4. | 8.1 |
| 2024-09-03 | CVE-2024-45391 | Cleartext Storage of Sensitive Information vulnerability in Tina Tina is an open-source content management system (CMS). | 7.5 |
| 2024-09-02 | CVE-2024-6921 | Cleartext Storage of Sensitive Information vulnerability in NAC Nacpremium Cleartext Storage of Sensitive Information vulnerability in NAC Telecommunication Systems Inc. | 7.5 |
| 2024-08-28 | CVE-2021-22509 | Cleartext Storage of Sensitive Information vulnerability in Microfocus Netiq Advanced Authentication A vulnerability identified in storing and reusing information in Advance Authentication. | 6.5 |
| 2024-08-22 | CVE-2024-32939 | Cleartext Storage of Sensitive Information vulnerability in Mattermost Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.x <= 9.10.0, 9.8.x <= 9.8.2, when shared channels are enabled, fail to redact remote users' original email addresses stored in user props when email addresses are otherwise configured not to be visible in the local server." | 3.7 |
| 2024-08-15 | CVE-2024-25024 | Cleartext Storage of Sensitive Information vulnerability in IBM Cloud PAK for Security and Qradar Suite IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores user credentials in plain clear text which can be read by a local user. | 5.5 |
| 2024-08-14 | CVE-2024-5916 | Cleartext Storage of Sensitive Information vulnerability in Paloaltonetworks Pan-Os An information exposure vulnerability in Palo Alto Networks PAN-OS software enables a local system administrator to unintentionally disclose secrets, passwords, and tokens of external systems. | 4.4 |