Vulnerabilities > Cleartext Storage of Sensitive Information
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-05-14 | CVE-2019-13021 | Cleartext Storage of Sensitive Information vulnerability in Jetstream Jetselect The administrative passwords for all versions of Bond JetSelect are stored within an unprotected file on the filesystem, rather than encrypted within the MySQL database. | 6.5 |
2020-04-27 | CVE-2020-11415 | Cleartext Storage of Sensitive Information vulnerability in Sonatype Nexus Repository Manager An issue was discovered in Sonatype Nexus Repository Manager 2.x before 2.14.17 and 3.x before 3.22.1. | 4.9 |
2020-04-16 | CVE-2020-2177 | Cleartext Storage of Sensitive Information vulnerability in Jenkins Copr 0.1/0.2/0.3 Jenkins Copr Plugin 0.3 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. | 4.3 |
2020-04-16 | CVE-2020-11826 | Cleartext Storage of Sensitive Information vulnerability in Appinghouse Memono 3.8 Users can lock their notes with a password in Memono version 3.8. | 7.5 |
2020-04-06 | CVE-2020-10267 | Cleartext Storage of Sensitive Information vulnerability in Universal-Robots UR Software Universal Robots control box CB 3.1 across firmware versions (tested on 1.12.1, 1.12, 1.11 and 1.10) does not encrypt or protect in any way the intellectual property artifacts installed from the UR+ platform of hardware and software components (URCaps). | 7.5 |
2020-03-30 | CVE-2020-5723 | Cleartext Storage of Sensitive Information vulnerability in Grandstream products The UCM6200 series 1.0.20.22 and below stores unencrypted user passwords in an SQLite database. | 9.8 |
2020-03-27 | CVE-2020-3921 | Cleartext Storage of Sensitive Information vulnerability in Unisoon Ultralog Express Firmware 1.4.0 UltraLog Express device management software stores user’s information in cleartext. | 7.5 |
2020-03-19 | CVE-2019-16062 | Cleartext Storage of Sensitive Information vulnerability in Netsas Enigma Network Management Solution NETSAS Enigma NMS 65.0.0 and prior does not encrypt sensitive data stored within the SQL database. | 6.5 |
2020-03-18 | CVE-2019-10682 | Cleartext Storage of Sensitive Information vulnerability in Django-Nopassword Project Django-Nopassword django-nopassword before 5.0.0 stores cleartext secrets in the database. | 7.5 |
2020-03-16 | CVE-2020-6980 | Cleartext Storage of Sensitive Information vulnerability in Rockwellautomation products Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, If Simple Mail Transfer Protocol (SMTP) account data is saved in RSLogix 500, a local attacker with access to a victim’s project may be able to gather SMTP server authentication data as it is written to the project file in cleartext. | 3.3 |