Vulnerabilities > Cleartext Transmission of Sensitive Information

DATE CVE VULNERABILITY TITLE RISK
2024-12-19 CVE-2021-39081 IBM Cognos Analytics Mobile for Android 1.1.14 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
high complexity
CWE-319
5.9
2024-12-17 CVE-2024-10973 A vulnerability was found in Keycloak.
low complexity
CWE-319
5.7
2024-12-17 CVE-2024-49819 IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 could allow a remote attacker to obtain sensitive information in cleartext in a communication channel that can be sniffed by unauthorized actors.
local
high complexity
CWE-319
4.1
2024-12-17 CVE-2024-49820 IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security.
network
high complexity
CWE-319
3.7
2024-12-03 CVE-2021-29892 Cleartext Transmission of Sensitive Information vulnerability in IBM Cognos Controller 11.0.0/11.0.1
IBM Cognos Controller 11.0.0 and 11.0.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security.
network
high complexity
ibm CWE-319
5.9
2024-10-28 CVE-2024-8013 Cleartext Transmission of Sensitive Information vulnerability in Mongodb Mongo Crypt V1.So and Mongocryptd
A bug in query analysis of certain complex self-referential $lookup subpipelines may result in literal values in expressions for encrypted fields to be sent to the server as plaintext instead of ciphertext.
local
low complexity
mongodb CWE-319
3.3
2024-10-15 CVE-2024-49387 Cleartext Transmission of Sensitive Information vulnerability in Acronis Cyber Protect 16
Cleartext transmission of sensitive information in acep-collector service.
network
low complexity
acronis CWE-319
7.5
2024-09-27 CVE-2024-7713 Cleartext Transmission of Sensitive Information vulnerability in Ays-Pro Chatgpt Assistant
The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 discloses the Open AI API Key, allowing unauthenticated users to obtain it
network
low complexity
ays-pro CWE-319
7.5
2024-09-26 CVE-2024-45838 Cleartext Transmission of Sensitive Information vulnerability in Gotenna
The goTenna Pro ATAK Plugin does not encrypt callsigns in messages.
low complexity
gotenna CWE-319
4.3
2024-09-26 CVE-2024-47124 Cleartext Transmission of Sensitive Information vulnerability in Gotenna PRO
The goTenna Pro App does not encrypt callsigns in messages.
low complexity
gotenna CWE-319
6.5