Vulnerabilities > Cleartext Storage of Sensitive Information

DATE CVE VULNERABILITY TITLE RISK
2023-11-30 CVE-2023-46386 Cleartext Storage of Sensitive Information vulnerability in Loytec Linx-151 Firmware and Linx-212 Firmware
LOYTEC electronics GmbH LINX-212 and LINX-151 devices (all versions) are vulnerable to Insecure Permissions via registry.xml file.
network
low complexity
loytec CWE-312
7.5
2023-11-30 CVE-2023-46388 Cleartext Storage of Sensitive Information vulnerability in Loytec Linx-151 Firmware and Linx-212 Firmware
LOYTEC electronics GmbH LINX-212 and LINX-151 devices (all versions) are vulnerable to Insecure Permissions via dpal_config.zml file.
network
low complexity
loytec CWE-312
7.5
2023-11-22 CVE-2023-47312 Cleartext Storage of Sensitive Information vulnerability in H-Mdm Headwind MDM 5.22.1
Headwind MDM Web panel 5.22.1 is vulnerable to Incorrect Access Control due to Login Credential Leakage via Audit Entries.
network
low complexity
h-mdm CWE-312
6.5
2023-10-27 CVE-2023-46376 Cleartext Storage of Sensitive Information vulnerability in Zentao BIZ 4.1.3/8.7
Zentao Biz version 8.7 and before is vulnerable to Information Disclosure.
network
low complexity
zentao CWE-312
7.5
2023-10-25 CVE-2023-46128 Cleartext Storage of Sensitive Information vulnerability in Networktocode Nautobot 2.0.0/2.0.1/2.0.2
Nautobot is a Network Automation Platform built as a web application atop the Django Python framework with a PostgreSQL or MySQL database.
network
low complexity
networktocode CWE-312
6.5
2023-10-25 CVE-2023-46653 Cleartext Storage of Sensitive Information vulnerability in Jenkins Lambdatest-Automation
Jenkins lambdatest-automation Plugin 1.20.10 and earlier logs LAMBDATEST Credentials access token at the INFO level, potentially resulting in its exposure.
network
low complexity
jenkins CWE-312
6.5
2023-10-16 CVE-2023-45151 Cleartext Storage of Sensitive Information vulnerability in Nextcloud Server
Nextcloud server is an open source home cloud platform.
network
low complexity
nextcloud CWE-312
8.8
2023-10-14 CVE-2023-44037 Cleartext Storage of Sensitive Information vulnerability in Zpesystems Nodegrid OS
An issue in ZPE Systems, Inc Nodegrid OS v.5.8.10 thru v.5.8.13 and v.5.10.3 thru v.5.10.5 allows a remote attacker to obtain sensitive information via the TACACS+ server component.
network
low complexity
zpesystems CWE-312
7.5
2023-09-27 CVE-2023-4066 Cleartext Storage of Sensitive Information vulnerability in Redhat products
A flaw was found in Red Hat's AMQ Broker, which stores certain passwords in a secret security-properties-prop-module, defined in ActivemqArtemisSecurity CR; however, they are shown in plaintext in the StatefulSet details yaml of AMQ Broker.
local
low complexity
redhat CWE-312
5.5
2023-09-27 CVE-2023-44153 Cleartext Storage of Sensitive Information vulnerability in Acronis Cyber Protect 15
Sensitive information disclosure due to cleartext storage of sensitive information in memory.
network
low complexity
acronis CWE-312
7.5