VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Cleartext Transmission of Sensitive Information
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2024-12-19
CVE-2021-39081
IBM Cognos Analytics Mobile for Android 1.1.14 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
high complexity
CWE-319
5.9
5.9
2024-12-17
CVE-2024-10973
A vulnerability was found in Keycloak.
low complexity
CWE-319
5.7
5.7
2024-12-17
CVE-2024-49819
IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 could allow a remote attacker to obtain sensitive information in cleartext in a communication channel that can be sniffed by unauthorized actors.
local
high complexity
CWE-319
4.1
4.1
2024-12-17
CVE-2024-49820
IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security.
network
high complexity
CWE-319
3.7
3.7
2024-12-03
CVE-2021-29892
Cleartext Transmission of Sensitive Information vulnerability in IBM Cognos Controller 11.0.0/11.0.1
IBM Cognos Controller 11.0.0 and 11.0.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security.
network
high complexity
ibm
CWE-319
5.9
5.9
2024-10-28
CVE-2024-8013
Cleartext Transmission of Sensitive Information vulnerability in Mongodb Mongo Crypt V1.So and Mongocryptd
A bug in query analysis of certain complex self-referential $lookup subpipelines may result in literal values in expressions for encrypted fields to be sent to the server as plaintext instead of ciphertext.
local
low complexity
mongodb
CWE-319
3.3
3.3
2024-10-15
CVE-2024-49387
Cleartext Transmission of Sensitive Information vulnerability in Acronis Cyber Protect 16
Cleartext transmission of sensitive information in acep-collector service.
network
low complexity
acronis
CWE-319
7.5
7.5
2024-09-27
CVE-2024-7713
Cleartext Transmission of Sensitive Information vulnerability in Ays-Pro Chatgpt Assistant
The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 discloses the Open AI API Key, allowing unauthenticated users to obtain it
network
low complexity
ays-pro
CWE-319
7.5
7.5
2024-09-26
CVE-2024-45838
Cleartext Transmission of Sensitive Information vulnerability in Gotenna
The goTenna Pro ATAK Plugin does not encrypt callsigns in messages.
low complexity
gotenna
CWE-319
4.3
4.3
2024-09-26
CVE-2024-47124
Cleartext Transmission of Sensitive Information vulnerability in Gotenna PRO
The goTenna Pro App does not encrypt callsigns in messages.
low complexity
gotenna
CWE-319
6.5
6.5
«
1
(current)
2
3
4
5
...
52
53
»
Next