Vulnerabilities > Cleartext Storage of Sensitive Information

DATE CVE VULNERABILITY TITLE RISK
2019-07-22 CVE-2019-13096 Cleartext Storage of Sensitive Information vulnerability in Tronlink Wallet 2.2.0
TronLink Wallet 2.2.0 stores user wallet keystore in plaintext and places them in insecure storage.
network
low complexity
tronlink CWE-312
critical
9.8
2019-07-22 CVE-2019-13100 Cleartext Storage of Sensitive Information vulnerability in Send-Anywhere Send Anywhere 9.4.18
The Send Anywhere application 9.4.18 for Android stores confidential information insecurely on the system (i.e., in cleartext), which allows a non-root user to find out the username/password of a valid user via /data/data/com.estmob.android.sendanywhere/shared_prefs/sendanywhere_device.xml.
network
low complexity
send-anywhere CWE-312
6.5
2019-07-22 CVE-2019-13099 Cleartext Storage of Sensitive Information vulnerability in Momo Project Momo 2.1.9
The Momo application 2.1.9 for Android stores confidential information insecurely on the system (i.e., in cleartext), which allows a non-root user to find out the username/password of a valid user and a user's access token via Logcat.
network
low complexity
momo-project CWE-312
6.5
2019-07-11 CVE-2019-10351 Cleartext Storage of Sensitive Information vulnerability in Jenkins Caliper CI 2.3
Jenkins Caliper CI Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.
network
low complexity
jenkins CWE-312
8.8
2019-07-11 CVE-2019-10350 Cleartext Storage of Sensitive Information vulnerability in Jenkins Port Allocator
Jenkins Port Allocator Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.
network
low complexity
jenkins CWE-312
8.8
2019-07-11 CVE-2019-10348 Cleartext Storage of Sensitive Information vulnerability in Jenkins Gogs
Jenkins Gogs Plugin stored credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.
network
low complexity
jenkins CWE-312
8.8
2019-06-27 CVE-2019-5810 Cleartext Storage of Sensitive Information vulnerability in multiple products
Information leak in autofill in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
network
low complexity
google opensuse debian fedoraproject CWE-312
6.5
2019-06-20 CVE-2019-1627 Cleartext Storage of Sensitive Information vulnerability in Cisco products
A vulnerability in the Server Utilities of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to gain unauthorized access to sensitive user information from the configuration data that is stored on the affected system.
network
low complexity
cisco CWE-312
6.5
2019-06-06 CVE-2018-2028 Cleartext Storage of Sensitive Information vulnerability in IBM products
IBM Maximo Asset Management 7.6 could allow a an authenticated user to replace a target page with a phishing site which could allow the attacker to obtain highly sensitive information.
network
low complexity
ibm CWE-312
6.5
2019-06-05 CVE-2019-11966 Cleartext Storage of Sensitive Information vulnerability in HP Intelligent Management Center
A remote privilege escalation vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
network
low complexity
hp CWE-312
8.8