Vulnerabilities > Cleartext Storage of Sensitive Information

DATE CVE VULNERABILITY TITLE RISK
2019-02-19 CVE-2019-5765 Cleartext Storage of Sensitive Information vulnerability in multiple products
An exposed debugging endpoint in the browser in Google Chrome on Android prior to 72.0.3626.81 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted Intent.
local
low complexity
google redhat debian fedoraproject CWE-312
5.5
2019-01-25 CVE-2018-19009 Cleartext Storage of Sensitive Information vulnerability in Pilz Pnozmulti Configurator
Pilz PNOZmulti Configurator prior to version 10.9 allows an authenticated attacker with local access to the system containing the PNOZmulti Configurator software to view sensitive credential data in clear-text.
local
low complexity
pilz CWE-312
7.8
2018-12-14 CVE-2018-18984 Cleartext Storage of Sensitive Information vulnerability in Medtronic products
Medtronic CareLink 2090 Programmer CareLink 9790 Programmer 29901 Encore Programmer, all versions, The affected products do not encrypt or do not sufficiently encrypt the following sensitive information while at rest PII and PHI.
low complexity
medtronic CWE-312
4.6
2018-12-04 CVE-2018-18641 Cleartext Storage of Sensitive Information vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3.
network
low complexity
gitlab CWE-312
critical
9.8
2018-11-28 CVE-2018-5559 Cleartext Storage of Sensitive Information vulnerability in Rapid7 Komand
In Rapid7 Komand version 0.41.0 and prior, certain endpoints that are able to list the always encrypted-at-rest connection data could return some configurations of connection data without obscuring sensitive data from the API response sent over an encrypted channel.
network
low complexity
rapid7 CWE-312
4.9
2018-11-14 CVE-2018-19279 Cleartext Storage of Sensitive Information vulnerability in Primx Zonecentral
PRIMX ZoneCentral before 6.1.2236 on Windows sometimes leaks the plaintext of NTFS files.
low complexity
primx CWE-312
4.3
2018-11-02 CVE-2018-1877 Cleartext Storage of Sensitive Information vulnerability in IBM Robotic Process Automation With Automation Anywhere 11.0
IBM Robotic Process Automation with Automation Anywhere 11 could store highly sensitive information in the form of unencrypted passwords that would be available to a local user.
local
low complexity
ibm CWE-312
7.8
2018-10-19 CVE-2018-18394 Cleartext Storage of Sensitive Information vulnerability in Moxa Thingspro 2.1
Sensitive Information Stored in Clear Text in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1.
network
low complexity
moxa CWE-312
critical
9.8
2018-07-30 CVE-2018-9065 Cleartext Storage of Sensitive Information vulnerability in Lenovo Xclarity Administrator
In Lenovo xClarity Administrator versions earlier than 2.1.0, an attacker that gains access to the underlying LXCA file system user may be able to retrieve a credential store containing the service processor user names and passwords for servers previously managed by that LXCA instance, and potentially decrypt those credentials more easily than intended.
network
high complexity
lenovo CWE-312
7.5
2018-07-18 CVE-2018-10871 Cleartext Storage of Sensitive Information vulnerability in multiple products
389-ds-base before versions 1.3.8.5, 1.4.0.12 is vulnerable to a Cleartext Storage of Sensitive Information.
network
low complexity
fedoraproject debian CWE-312
7.2