2024-06-14 | CVE-2024-5996 | The notification emails sent by Soar Cloud HR Portal contain a link with a embedded session. | 8.8 |
2024-06-10 | CVE-2024-37393 | Cleartext Transmission of Sensitive Information vulnerability in Securenvoy Multi-Factor Authentication Solutions Multiple LDAP injections vulnerabilities exist in SecurEnvoy MFA before 9.4.514 due to improper validation of user-supplied input. | 7.5 |
2024-05-14 | CVE-2024-28134 | An unauthenticated remote attacker can extract a session token with a MitM attack and gain web-based management access with the privileges of the currently logged in user due to cleartext transmission of sensitive information. | 7.0 |
2024-03-12 | CVE-2024-26288 | An unauthenticated remote attacker can influence the communication due to the lack of encryption of sensitive data via a MITM. | 8.7 |
2024-02-09 | CVE-2023-45716 | Cleartext Transmission of Sensitive Information vulnerability in Hcltech Sametime 11.6/12.0 Sametime is impacted by sensitive information passed in URL. | 4.1 |
2024-02-09 | CVE-2023-42016 | Cleartext Transmission of Sensitive Information vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.3 does not set the secure attribute on authorization tokens or session cookies. | 4.3 |
2024-02-07 | CVE-2023-32328 | Cleartext Transmission of Sensitive Information vulnerability in IBM Security Verify Access IBM Security Verify Access 10.0.0.0 through 10.0.6.1 uses insecure protocols in some instances that could allow an attacker on the network to take control of the server. | 9.8 |
2024-02-06 | CVE-2023-40544 | Cleartext Transmission of Sensitive Information vulnerability in Westermo L206-F2G Firmware 4.24 An attacker with access to the network where the affected devices are located could maliciously actions to obtain, via a sniffer, sensitive information exchanged via TCP communications. | 5.7 |
2024-02-02 | CVE-2023-50962 | Cleartext Transmission of Sensitive Information vulnerability in IBM Powersc 1.3/2.0/2.1 IBM PowerSC 1.3, 2.0, and 2.1 MFA does not implement the "HTTP Strict Transport Security" (HSTS) web security policy mechanism. | 7.5 |
2024-01-23 | CVE-2023-42144 | Cleartext Transmission of Sensitive Information vulnerability in Shelly TRV Firmware 2.1.8 Cleartext Transmission during initial setup in Shelly TRV 20220811-15234 v.2.1.8 allows a local attacker to obtain the Wi-Fi password. | 5.5 |