Vulnerabilities > Cleartext Storage of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-12-01 | CVE-2017-13663 | Cleartext Storage of Sensitive Information vulnerability in Ismartalarm Cubeone Firmware Encryption key exposure in firmware in iSmartAlarm CubeOne version 2.2.4.8 and earlier allows attackers to decrypt log files via an exposed key. | 7.5 |
| 2017-11-22 | CVE-2017-2723 | Cleartext Storage of Sensitive Information vulnerability in Huawei Files 7.1.1.308 The Files APP 7.1.1.308 and earlier versions in some Huawei mobile phones has a vulnerability of plaintext storage of users' Safe passwords. | 6.7 |
| 2017-10-03 | CVE-2017-14990 | Cleartext Storage of Sensitive Information vulnerability in multiple products WordPress 4.8.2 stores cleartext wp_signups.activation_key values (but stores the analogous wp_users.user_activation_key values as hashes), which might make it easier for remote attackers to hijack unactivated user accounts by leveraging database read access (such as access gained through an unspecified SQL injection vulnerability). | 6.5 |
| 2017-07-19 | CVE-2017-1309 | Cleartext Storage of Sensitive Information vulnerability in IBM Infosphere Master Data Management Server IBM InfoSphere Master Data Management Server 11.0 - 11.6 stores user credentials in plain in clear text which can be read by a local user. | 7.8 |
| 2016-05-31 | CVE-2016-0876 | Cleartext Storage of Sensitive Information vulnerability in Moxa Edr-G903 Firmware Moxa Secure Router EDR-G903 devices before 3.4.12 allow remote attackers to discover cleartext passwords by reading a configuration file. | 7.5 |
| 2009-07-01 | CVE-2009-2272 | Cleartext Storage of Sensitive Information vulnerability in Huawei D100 Firmware The Huawei D100 stores the administrator's account name and password in cleartext in a cookie, which allows context-dependent attackers to obtain sensitive information by (1) reading a cookie file, by (2) sniffing the network for HTTP headers, and possibly by using unspecified other vectors. | 7.5 |
| 2009-06-08 | CVE-2008-6828 | Cleartext Storage of Sensitive Information vulnerability in Symantec Altiris Deployment Solution Symantec Altiris Deployment Solution 6.x before 6.9.355 SP1 stores the Application Identity Account password in memory in cleartext, which allows local users to gain privileges and modify clients of the Deployment Solution Server. | 7.8 |
| 2009-05-14 | CVE-2009-1466 | Cleartext Storage of Sensitive Information vulnerability in Klinzmann Application Access Server 2.0.48 Application Access Server (A-A-S) 2.0.48 stores (1) passwords and (2) the port keyword in cleartext in aas.ini, which allows local users to obtain sensitive information by reading this file. | 5.5 |
| 2009-05-13 | CVE-2009-0152 | Cleartext Storage of Sensitive Information vulnerability in Apple mac OS X and mac OS X Server iChat in Apple Mac OS X 10.5 before 10.5.7 disables SSL for AOL Instant Messenger (AIM) communication in certain circumstances that are inconsistent with the Require SSL setting, which allows remote attackers to obtain sensitive information by sniffing the network. | 7.5 |
| 2009-05-11 | CVE-2009-1603 | Cleartext Storage of Sensitive Information vulnerability in multiple products src/tools/pkcs11-tool.c in pkcs11-tool in OpenSC 0.11.7, when used with unspecified third-party PKCS#11 modules, generates RSA keys with incorrect public exponents, which allows attackers to read the cleartext form of messages that were intended to be encrypted. | 7.5 |