Vulnerabilities > Cleartext Storage of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-08 | CVE-2018-10812 | Cleartext Storage of Sensitive Information vulnerability in Bitpie Bitcoin Wallet The Bitpie application through 3.2.4 for Android and iOS uses cleartext storage for digital currency initial keys, which allows local users to steal currency by leveraging root access to read /com.biepie/shared_prefs/com.bitpie_preferences.xml (on Android) or a plist file in the app data folder (on iOS). | 4.1 |
| 2018-03-25 | CVE-2018-8947 | Cleartext Storage of Sensitive Information vulnerability in Laravel LOG Viewer Project Laravel LOG Viewer rap2hpoutre Laravel Log Viewer before v0.13.0 relies on Base64 encoding for l, dl, and del requests, which makes it easier for remote attackers to bypass intended access restrictions, as demonstrated by reading arbitrary files via a dl request. | 7.5 |
| 2018-02-20 | CVE-2017-16835 | Cleartext Storage of Sensitive Information vulnerability in Photo,Video Locker-Calculator Project Photo,Video Locker-Calculator 12.0 The "Photo,Video Locker-Calculator" application 12.0 for Android has android:allowBackup="true" in AndroidManifest.xml, which allows attackers to obtain sensitive cleartext information via an "adb backup '-f smart.calculator.gallerylock'" command. | 7.5 |
| 2018-01-09 | CVE-2017-9663 | Cleartext Storage of Sensitive Information vulnerability in GM Shanghai Onstar 7.1 An Cleartext Storage of Sensitive Information issue was discovered in General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client 7.1. | 7.5 |
| 2017-12-01 | CVE-2017-13663 | Cleartext Storage of Sensitive Information vulnerability in Ismartalarm Cubeone Firmware Encryption key exposure in firmware in iSmartAlarm CubeOne version 2.2.4.8 and earlier allows attackers to decrypt log files via an exposed key. | 7.5 |
| 2017-11-22 | CVE-2017-2723 | Cleartext Storage of Sensitive Information vulnerability in Huawei Files 7.1.1.308 The Files APP 7.1.1.308 and earlier versions in some Huawei mobile phones has a vulnerability of plaintext storage of users' Safe passwords. | 6.7 |
| 2017-10-03 | CVE-2017-14990 | Cleartext Storage of Sensitive Information vulnerability in multiple products WordPress 4.8.2 stores cleartext wp_signups.activation_key values (but stores the analogous wp_users.user_activation_key values as hashes), which might make it easier for remote attackers to hijack unactivated user accounts by leveraging database read access (such as access gained through an unspecified SQL injection vulnerability). | 6.5 |
| 2017-07-19 | CVE-2017-1309 | Cleartext Storage of Sensitive Information vulnerability in IBM Infosphere Master Data Management Server IBM InfoSphere Master Data Management Server 11.0 - 11.6 stores user credentials in plain in clear text which can be read by a local user. | 7.8 |
| 2016-05-31 | CVE-2016-0876 | Cleartext Storage of Sensitive Information vulnerability in Moxa Edr-G903 Firmware Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to discover cleartext passwords by reading a configuration file. | 7.5 |
| 2009-07-01 | CVE-2009-2272 | Cleartext Storage of Sensitive Information vulnerability in Huawei D100 Firmware The Huawei D100 stores the administrator's account name and password in cleartext in a cookie, which allows context-dependent attackers to obtain sensitive information by (1) reading a cookie file, by (2) sniffing the network for HTTP headers, and possibly by using unspecified other vectors. | 7.5 |