Vulnerabilities > Cleartext Storage of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-08 | CVE-2019-17106 | Cleartext Storage of Sensitive Information vulnerability in Centreon web In Centreon Web through 2.8.29, disclosure of external components' passwords allows authenticated attackers to move laterally to external components. | 6.5 |
| 2019-10-01 | CVE-2019-10433 | Cleartext Storage of Sensitive Information vulnerability in Jenkins Dingding Jenkins Dingding[??] Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. | 3.3 |
| 2019-09-25 | CVE-2019-10430 | Cleartext Storage of Sensitive Information vulnerability in Jenkins Neuvector vulnerability Scanner Jenkins NeuVector Vulnerability Scanner Plugin 1.5 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system. | 5.5 |
| 2019-09-24 | CVE-2019-4566 | Cleartext Storage of Sensitive Information vulnerability in IBM Security KEY Lifecycle Manager IBM Security Key Lifecycle Manager 3.0 and 3.0.1 stores user credentials in plain in clear text which can be read by a local user. | 5.5 |
| 2019-09-05 | CVE-2019-15947 | Cleartext Storage of Sensitive Information vulnerability in Bitcoin Core 0.18.0 In Bitcoin Core 0.18.0, bitcoin-qt stores wallet.dat data unencrypted in memory. | 7.5 |
| 2019-08-23 | CVE-2019-15508 | Cleartext Storage of Sensitive Information vulnerability in Octopus Server and Tentacle In Octopus Tentacle versions 3.0.8 to 5.0.0, when a web request proxy is configured, an authenticated user (in certain limited OctopusPrintVariables circumstances) could trigger a deployment that writes the web request proxy password to the deployment log in cleartext. | 6.5 |
| 2019-08-23 | CVE-2019-15507 | Cleartext Storage of Sensitive Information vulnerability in Octopus Server In Octopus Deploy versions 2018.8.4 to 2019.7.6, when a web request proxy is configured, an authenticated user (in certain limited special-characters circumstances) could trigger a deployment that writes the web request proxy password to the deployment log in cleartext. | 6.5 |
| 2019-08-07 | CVE-2019-10099 | Cleartext Storage of Sensitive Information vulnerability in Apache Spark Prior to Spark 2.3.3, in certain situations Spark would write user data to local disk unencrypted, even if spark.io.encryption.enabled=true. | 7.5 |
| 2019-07-22 | CVE-2019-13096 | Cleartext Storage of Sensitive Information vulnerability in Tronlink Wallet 2.2.0 TronLink Wallet 2.2.0 stores user wallet keystore in plaintext and places them in insecure storage. | 9.8 |
| 2019-07-22 | CVE-2019-13100 | Cleartext Storage of Sensitive Information vulnerability in Send-Anywhere Send Anywhere 9.4.18 The Send Anywhere application 9.4.18 for Android stores confidential information insecurely on the system (i.e., in cleartext), which allows a non-root user to find out the username/password of a valid user via /data/data/com.estmob.android.sendanywhere/shared_prefs/sendanywhere_device.xml. | 6.5 |