Vulnerabilities > Cleartext Storage of Sensitive Information
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-01-21 | CVE-2020-7213 | Cleartext Storage of Sensitive Information vulnerability in Parallels 13 Parallels 13 uses cleartext HTTP as part of the update process, allowing man-in-the-middle attacks. | 7.6 |
2020-01-15 | CVE-2009-5068 | Cleartext Storage of Sensitive Information vulnerability in Simplemachines Simple Machines Forum There is a file disclosure vulnerability in SMF (Simple Machines Forum) affecting versions through v2.0.3. | 3.5 |
2020-01-09 | CVE-2010-3282 | Cleartext Storage of Sensitive Information vulnerability in multiple products 389 Directory Server before 1.2.7.1 (aka Red Hat Directory Server 8.2) and HP-UX Directory Server before B.08.10.03, when audit logging is enabled, logs the Directory Manager password (nsslapd-rootpw) in cleartext when changing cn=config:nsslapd-rootpw, which might allow local users to obtain sensitive information by reading the log. | 1.9 |
2020-01-08 | CVE-2011-5247 | Cleartext Storage of Sensitive Information vulnerability in Prophecyinternational Snare Snare for Linux before 1.7.0 has password disclosure because the rendered page contains the field RemotePassword. | 5.0 |
2020-01-05 | CVE-2019-19314 | Cleartext Storage of Sensitive Information vulnerability in Gitlab GitLab EE 8.4 through 12.5, 12.4.3, and 12.3.6 stored several tokens in plaintext. | 5.0 |
2019-12-04 | CVE-2019-19228 | Cleartext Storage of Sensitive Information vulnerability in Fronius products Fronius Solar Inverter devices before 3.14.1 (HM 1.12.1) allow attackers to bypass authentication because the password for the today account is stored in the /tmp/web_users.conf file. | 5.0 |
2019-11-27 | CVE-2019-6670 | Cleartext Storage of Sensitive Information vulnerability in F5 products On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.1-11.6.5, vCMP hypervisors are incorrectly exposing the plaintext unit key for their vCMP guests on the filesystem. | 2.1 |
2019-11-26 | CVE-2016-3192 | Cleartext Storage of Sensitive Information vulnerability in Cloudera Manager Cloudera Manager 5.x before 5.7.1 places Sensitive Data in cleartext Readable Files. | 4.0 |
2019-11-26 | CVE-2019-14890 | Cleartext Storage of Sensitive Information vulnerability in Redhat Ansible Tower 3.6.0 A vulnerability was found in Ansible Tower before 3.6.1 where an attacker with low privilege could retrieve usernames and passwords credentials from the new RHSM saved in plain text into the database at '/api/v2/config' when applying the Ansible Tower license. | 2.1 |
2019-11-25 | CVE-2019-14825 | Cleartext Storage of Sensitive Information vulnerability in Theforeman Katello A cleartext password storage issue was discovered in Katello, versions 3.x.x.x before katello 3.12.0.9. | 2.7 |