Vulnerabilities > Cleartext Transmission of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-19 | CVE-2021-39081 | IBM Cognos Analytics Mobile for Android 1.1.14 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 5.9 |
| 2024-12-17 | CVE-2024-10973 | A vulnerability was found in Keycloak. low complexity CWE-319 | 5.7 |
| 2024-12-17 | CVE-2024-49819 | Cleartext Transmission of Sensitive Information vulnerability in IBM Security Guardium KEY Lifecycle Manager IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 could allow a remote attacker to obtain sensitive information in cleartext in a communication channel that can be sniffed by unauthorized actors. | 7.5 |
| 2024-12-17 | CVE-2024-49820 | Cleartext Transmission of Sensitive Information vulnerability in IBM Security Guardium KEY Lifecycle Manager IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | 3.7 |
| 2024-12-03 | CVE-2021-29892 | Cleartext Transmission of Sensitive Information vulnerability in IBM Cognos Controller 11.0.0/11.0.1 IBM Cognos Controller 11.0.0 and 11.0.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | 5.9 |
| 2024-10-28 | CVE-2024-8013 | Cleartext Transmission of Sensitive Information vulnerability in Mongodb Mongo Crypt V1.So and Mongocryptd A bug in query analysis of certain complex self-referential $lookup subpipelines may result in literal values in expressions for encrypted fields to be sent to the server as plaintext instead of ciphertext. | 3.3 |
| 2024-10-15 | CVE-2024-49387 | Cleartext Transmission of Sensitive Information vulnerability in Acronis Cyber Protect 16 Cleartext transmission of sensitive information in acep-collector service. | 7.5 |
| 2024-09-27 | CVE-2024-7713 | Cleartext Transmission of Sensitive Information vulnerability in Ays-Pro Chatgpt Assistant The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 discloses the Open AI API Key, allowing unauthenticated users to obtain it | 7.5 |
| 2024-09-26 | CVE-2024-45838 | Cleartext Transmission of Sensitive Information vulnerability in Gotenna The goTenna Pro ATAK Plugin does not encrypt callsigns in messages. | 4.3 |
| 2024-09-26 | CVE-2024-47124 | Cleartext Transmission of Sensitive Information vulnerability in Gotenna PRO The goTenna Pro App does not encrypt callsigns in messages. | 6.5 |