| 2025-02-12 | CVE-2025-0556 | Cleartext Transmission of Sensitive Information vulnerability in Progress Telerik Report Server
In Progress® Telerik® Report Server, versions prior to 2025 Q1 (11.0.25.211) when using the older .NET Framework implementation, communication of non-sensitive information between the service agent process and app host process occurs over an unencrypted tunnel, which can be subjected to local network traffic sniffing. | 6.5 |
| 2025-02-04 | CVE-2024-43187 | IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors. | 5.9 |
| 2025-01-28 | CVE-2025-0784 | A vulnerability has been found in Intelbras InControl up to 2.21.58 and classified as problematic. | 3.7 |
| 2025-01-28 | CVE-2024-28786 | IBM QRadar SIEM 7.5 transmits sensitive or security-critical data in cleartext in a communication channel that could be obtained by an unauthorized actor using man in the middle techniques. | 6.5 |
| 2024-12-19 | CVE-2021-39081 | IBM Cognos Analytics Mobile for Android 1.1.14 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 5.9 |
| 2024-12-17 | CVE-2024-10973 | A vulnerability was found in Keycloak. | 5.7 |
| 2024-12-17 | CVE-2024-49819 | Cleartext Transmission of Sensitive Information vulnerability in IBM Security Guardium KEY Lifecycle Manager
IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 could allow a remote attacker to obtain sensitive information in cleartext in a communication channel that can be sniffed by unauthorized actors. | 7.5 |
| 2024-12-17 | CVE-2024-49820 | Cleartext Transmission of Sensitive Information vulnerability in IBM Security Guardium KEY Lifecycle Manager
IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | 3.7 |
| 2024-12-03 | CVE-2021-29892 | Cleartext Transmission of Sensitive Information vulnerability in IBM Cognos Controller 11.0.0/11.0.1
IBM Cognos Controller 11.0.0 and 11.0.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | 5.9 |
| 2024-10-28 | CVE-2024-8013 | Cleartext Transmission of Sensitive Information vulnerability in Mongodb Mongo Crypt V1.So and Mongocryptd
A bug in query analysis of certain complex self-referential $lookup subpipelines may result in literal values in expressions for encrypted fields to be sent to the server as plaintext instead of ciphertext. | 3.3 |