Vulnerabilities > Cleartext Storage of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-18 | CVE-2023-5384 | Cleartext Storage of Sensitive Information vulnerability in multiple products A flaw was found in Infinispan. | 2.7 |
| 2023-12-15 | CVE-2023-50719 | Cleartext Storage of Sensitive Information vulnerability in Xwiki XWiki Platform is a generic wiki platform. | 7.5 |
| 2023-12-13 | CVE-2023-50772 | Cleartext Storage of Sensitive Information vulnerability in Jenkins Dingding Json Pusher Jenkins Dingding JSON Pusher Plugin 2.0 and earlier stores access tokens unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. | 4.3 |
| 2023-12-13 | CVE-2023-50773 | Cleartext Storage of Sensitive Information vulnerability in Jenkins Dingding Json Pusher Jenkins Dingding JSON Pusher Plugin 2.0 and earlier does not mask access tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them. | 4.3 |
| 2023-12-13 | CVE-2023-50776 | Cleartext Storage of Sensitive Information vulnerability in Jenkins Paaslane Estimate 1.0.4 Jenkins PaaSLane Estimate Plugin 1.0.4 and earlier stores PaaSLane authentication tokens unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. | 4.3 |
| 2023-12-13 | CVE-2023-50777 | Cleartext Storage of Sensitive Information vulnerability in Jenkins Paaslane Estimate 1.0.4 Jenkins PaaSLane Estimate Plugin 1.0.4 and earlier does not mask PaaSLane authentication tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them. | 4.3 |
| 2023-12-12 | CVE-2015-8314 | Cleartext Storage of Sensitive Information vulnerability in Heartcombo Devise The Devise gem before 3.5.4 for Ruby mishandles Remember Me cookies for sessions, which may allow an adversary to obtain unauthorized persistent application access. | 7.5 |
| 2023-12-12 | CVE-2022-46141 | Cleartext Storage of Sensitive Information vulnerability in Siemens Simatic Step 7 A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) (All versions < V19). | 5.5 |
| 2023-12-07 | CVE-2023-40238 | Cleartext Storage of Sensitive Information vulnerability in Insyde Insydeh2O A LogoFAIL issue was discovered in BmpDecoderDxe in Insyde InsydeH2O with kernel 5.2 before 05.28.47, 5.3 before 05.37.47, 5.4 before 05.45.47, 5.5 before 05.53.47, and 5.6 before 05.60.47 for certain Lenovo devices. | 5.5 |
| 2023-11-30 | CVE-2023-46384 | Cleartext Storage of Sensitive Information vulnerability in Loytec L-Inx Configurator 7.4.10 LOYTEC electronics GmbH LINX Configurator (all versions) is vulnerable to Insecure Permissions. | 7.5 |