Vulnerabilities > Cleartext Transmission of Sensitive Information
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-01-18 | CVE-2023-22863 | Cleartext Transmission of Sensitive Information vulnerability in IBM products IBM Robotic Process Automation 20.12.0 through 21.0.2 defaults to HTTP in some RPA commands when the prefix is not explicitly specified in the URL. | 5.9 |
2023-01-12 | CVE-2023-22597 | Cleartext Transmission of Sensitive Information vulnerability in Inhandnetworks Inrouter302 Firmware and Inrouter615-S Firmware InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-319: Cleartext Transmission of Sensitive Information. | 5.9 |
2023-01-06 | CVE-2022-45935 | Cleartext Transmission of Sensitive Information vulnerability in Apache James Usage of temporary files with insecure permissions by the Apache James server allows an attacker with local access to access private user data in transit. | 5.5 |
2023-01-05 | CVE-2022-3929 | Cleartext Transmission of Sensitive Information vulnerability in Hitachienergy Foxman-Un and Unem Communication between the client and the server application of the affected products is partially done using CORBA (Common Object Request Broker Architecture) over TCP/IP. | 9.8 |
2023-01-04 | CVE-2023-0055 | Cleartext Transmission of Sensitive Information vulnerability in Pyload 0.5.0 Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository pyload/pyload prior to 0.5.0b3.dev32. | 5.3 |
2022-12-23 | CVE-2022-43551 | Cleartext Transmission of Sensitive Information vulnerability in multiple products A vulnerability exists in curl <7.87.0 HSTS check that could be bypassed to trick it to keep using HTTP. | 7.5 |
2022-12-23 | CVE-2022-4683 | Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository usememos/memos prior to 0.9.0. | 6.5 |
2022-12-22 | CVE-2022-22758 | Cleartext Transmission of Sensitive Information vulnerability in Mozilla Firefox When clicking on a tel: link, USSD codes, specified after a <code>\*</code> character, would be included in the phone number. | 8.8 |
2022-12-22 | CVE-2022-47895 | In JetBrains IntelliJ IDEA before 2022.3.1 the "Validate JSP File" action used the HTTP protocol to download required JAR files. | 7.5 |
2022-12-19 | CVE-2021-4258 | ** DISPUTED ** A vulnerability was found in whohas. | 7.5 |