Vulnerabilities > Cleartext Storage of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-26 | CVE-2019-3606 | Cleartext Storage of Sensitive Information vulnerability in Mcafee Network Security Manager Data Leakage Attacks vulnerability in the web portal component when in an MDR pair in McAfee Network Security Management (NSM) 9.1 < 9.1.7.75 (Update 4) and 9.2 < 9.2.7.31 Update2 allows administrators to view configuration information in plain text format via the GUI or GUI terminal commands. | 4.1 |
| 2019-03-21 | CVE-2018-17499 | Cleartext Storage of Sensitive Information vulnerability in Envoy Passport 2.2.5/2.4.0 Envoy Passport for Android and Envoy Passport for iPhone could allow a local attacker to obtain sensitive information, caused by the storing of unencrypted data in logs. | 5.5 |
| 2019-03-21 | CVE-2018-17489 | Cleartext Storage of Sensitive Information vulnerability in Hidglobal Easylobby Solo 11.0.4563 EasyLobby Solo could allow a local attacker to obtain sensitive information, caused by the storing of the social security number in plaintext. | 5.5 |
| 2019-03-21 | CVE-2018-12572 | Cleartext Storage of Sensitive Information vulnerability in Avast Free Antivirus Avast Free Antivirus prior to 19.1.2360 stores user credentials in memory upon login, which allows local users to obtain sensitive information by dumping AvastUI.exe application memory and parsing the data. | 7.8 |
| 2019-02-19 | CVE-2019-5765 | Cleartext Storage of Sensitive Information vulnerability in multiple products An exposed debugging endpoint in the browser in Google Chrome on Android prior to 72.0.3626.81 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted Intent. | 5.5 |
| 2019-01-25 | CVE-2018-19009 | Cleartext Storage of Sensitive Information vulnerability in Pilz Pnozmulti Configurator Pilz PNOZmulti Configurator prior to version 10.9 allows an authenticated attacker with local access to the system containing the PNOZmulti Configurator software to view sensitive credential data in clear-text. | 7.8 |
| 2018-12-14 | CVE-2018-18984 | Cleartext Storage of Sensitive Information vulnerability in Medtronic products Medtronic CareLink and Encore Programmers do not encrypt or do not sufficiently encrypt sensitive PII and PHI information while at rest . | 4.6 |
| 2018-12-04 | CVE-2018-18641 | Cleartext Storage of Sensitive Information vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. | 9.8 |
| 2018-11-28 | CVE-2018-5559 | Cleartext Storage of Sensitive Information vulnerability in Rapid7 Komand In Rapid7 Komand version 0.41.0 and prior, certain endpoints that are able to list the always encrypted-at-rest connection data could return some configurations of connection data without obscuring sensitive data from the API response sent over an encrypted channel. | 4.9 |
| 2018-11-14 | CVE-2018-19279 | Cleartext Storage of Sensitive Information vulnerability in Primx Zonecentral PRIMX ZoneCentral before 6.1.2236 on Windows sometimes leaks the plaintext of NTFS files. | 4.3 |