Vulnerabilities > Cleartext Storage of Sensitive Information
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-01-08 | CVE-2011-5247 | Cleartext Storage of Sensitive Information vulnerability in Prophecyinternational Snare Snare for Linux before 1.7.0 has password disclosure because the rendered page contains the field RemotePassword. | 7.5 |
2020-01-05 | CVE-2019-19314 | Cleartext Storage of Sensitive Information vulnerability in Gitlab GitLab EE 8.4 through 12.5, 12.4.3, and 12.3.6 stored several tokens in plaintext. | 7.5 |
2019-12-04 | CVE-2019-19228 | Cleartext Storage of Sensitive Information vulnerability in Fronius products Fronius Solar Inverter devices before 3.14.1 (HM 1.12.1) allow attackers to bypass authentication because the password for the today account is stored in the /tmp/web_users.conf file. | 9.8 |
2019-11-27 | CVE-2019-6670 | Cleartext Storage of Sensitive Information vulnerability in F5 products On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.1-11.6.5, vCMP hypervisors are incorrectly exposing the plaintext unit key for their vCMP guests on the filesystem. | 4.4 |
2019-11-26 | CVE-2016-3192 | Cleartext Storage of Sensitive Information vulnerability in Cloudera Manager Cloudera Manager 5.x before 5.7.1 places Sensitive Data in cleartext Readable Files. | 6.5 |
2019-11-26 | CVE-2019-14890 | Cleartext Storage of Sensitive Information vulnerability in Redhat Ansible Tower 3.6.0 A vulnerability was found in Ansible Tower before 3.6.1 where an attacker with low privilege could retrieve usernames and passwords credentials from the new RHSM saved in plain text into the database at '/api/v2/config' when applying the Ansible Tower license. | 8.4 |
2019-11-25 | CVE-2019-5848 | Cleartext Storage of Sensitive Information vulnerability in Google Chrome Incorrect font handling in autofill in Google Chrome prior to 75.0.3770.142 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | 6.5 |
2019-11-15 | CVE-2011-2916 | Cleartext Storage of Sensitive Information vulnerability in Qtnx Project Qtnx 0.9 qtnx 0.9 stores non-custom SSH keys in a world-readable configuration file. | 5.5 |
2019-11-08 | CVE-2008-7272 | Cleartext Storage of Sensitive Information vulnerability in Getfiregpg Firegpg FireGPG before 0.6 handle user’s passphrase and decrypted cleartext insecurely by writing pre-encrypted cleartext and the user's passphrase to disk which may result in the compromise of secure communication or a users’s private key. | 7.5 |
2019-11-05 | CVE-2019-8118 | Cleartext Storage of Sensitive Information vulnerability in Magento Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 uses weak cryptographic function to store the failed login attempts for customer accounts. | 5.3 |