Vulnerabilities > Cleartext Transmission of Sensitive Information

DATE CVE VULNERABILITY TITLE RISK
2023-01-18 CVE-2023-22863 Cleartext Transmission of Sensitive Information vulnerability in IBM products
IBM Robotic Process Automation 20.12.0 through 21.0.2 defaults to HTTP in some RPA commands when the prefix is not explicitly specified in the URL.
network
high complexity
ibm CWE-319
5.9
2023-01-12 CVE-2023-22597 Cleartext Transmission of Sensitive Information vulnerability in Inhandnetworks Inrouter302 Firmware and Inrouter615-S Firmware
InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-319: Cleartext Transmission of Sensitive Information.
network
high complexity
inhandnetworks CWE-319
5.9
2023-01-06 CVE-2022-45935 Cleartext Transmission of Sensitive Information vulnerability in Apache James
Usage of temporary files with insecure permissions by the Apache James server allows an attacker with local access to access private user data in transit.
local
low complexity
apache CWE-319
5.5
2023-01-05 CVE-2022-3929 Cleartext Transmission of Sensitive Information vulnerability in Hitachienergy Foxman-Un and Unem
Communication between the client and the server application of the affected products is partially done using CORBA (Common Object Request Broker Architecture) over TCP/IP.
network
low complexity
hitachienergy CWE-319
critical
9.8
2023-01-04 CVE-2023-0055 Cleartext Transmission of Sensitive Information vulnerability in Pyload 0.5.0
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository pyload/pyload prior to 0.5.0b3.dev32.
network
low complexity
pyload CWE-319
5.3
2022-12-23 CVE-2022-43551 Cleartext Transmission of Sensitive Information vulnerability in multiple products
A vulnerability exists in curl <7.87.0 HSTS check that could be bypassed to trick it to keep using HTTP.
network
low complexity
haxx fedoraproject CWE-319
7.5
2022-12-23 CVE-2022-4683 Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository usememos/memos prior to 0.9.0.
network
low complexity
CWE-319
6.5
2022-12-22 CVE-2022-22758 Cleartext Transmission of Sensitive Information vulnerability in Mozilla Firefox
When clicking on a tel: link, USSD codes, specified after a <code>\*</code> character, would be included in the phone number.
network
low complexity
mozilla CWE-319
8.8
2022-12-22 CVE-2022-47895 In JetBrains IntelliJ IDEA before 2022.3.1 the "Validate JSP File" action used the HTTP protocol to download required JAR files.
network
low complexity
CWE-319
7.5
2022-12-19 CVE-2021-4258 ** DISPUTED ** A vulnerability was found in whohas.
network
low complexity
CWE-319
7.5