Vulnerabilities > Cleartext Transmission of Sensitive Information

DATE CVE VULNERABILITY TITLE RISK
2024-10-30 CVE-2024-32946 A vulnerability in the LevelOne WBR-6012 router's firmware version R0.40e6 allows sensitive information to be transmitted in cleartext via Web and FTP services, exposing it to network sniffing attacks.
network
high complexity
CWE-319
5.9
2024-10-28 CVE-2024-8013 Cleartext Transmission of Sensitive Information vulnerability in Mongodb Mongo Crypt V1.So and Mongocryptd
A bug in query analysis of certain complex self-referential $lookup subpipelines may result in literal values in expressions for encrypted fields to be sent to the server as plaintext instead of ciphertext.
local
low complexity
mongodb CWE-319
3.3
2024-10-15 CVE-2024-49387 Cleartext Transmission of Sensitive Information vulnerability in Acronis Cyber Protect 16
Cleartext transmission of sensitive information in acep-collector service.
network
low complexity
acronis CWE-319
7.5
2024-09-27 CVE-2024-7713 Cleartext Transmission of Sensitive Information vulnerability in Ays-Pro Chatgpt Assistant
The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 discloses the Open AI API Key, allowing unauthenticated users to obtain it
network
low complexity
ays-pro CWE-319
7.5
2024-09-26 CVE-2024-45838 Cleartext Transmission of Sensitive Information vulnerability in Gotenna
The goTenna Pro ATAK Plugin does not encrypt callsigns in messages.
low complexity
gotenna CWE-319
4.3
2024-09-26 CVE-2024-47124 Cleartext Transmission of Sensitive Information vulnerability in Gotenna PRO
The goTenna Pro App does not encrypt callsigns in messages.
low complexity
gotenna CWE-319
6.5
2024-09-13 CVE-2024-43180 Cleartext Transmission of Sensitive Information vulnerability in IBM Concert 1.0
IBM Concert 1.0 does not set the secure attribute on authorization tokens or session cookies.
network
low complexity
ibm CWE-319
4.3
2024-09-10 CVE-2024-44105 Cleartext Transmission of Sensitive Information vulnerability in Ivanti Workspace Control
Cleartext transmission of sensitive information in the management console of Ivanti Workspace Control version 10.18.0.0 and below allows a local authenticated attacker to obtain OS credentials.
local
low complexity
ivanti CWE-319
7.8
2024-09-04 CVE-2024-41927 Cleartext Transmission of Sensitive Information vulnerability in Idec products
Cleartext transmission of sensitive information vulnerability exists in multiple IDEC PLCs.
low complexity
idec CWE-319
4.6
2024-08-15 CVE-2024-31799 Cleartext Transmission of Sensitive Information vulnerability in Gncchome Gncc C2 Firmware
Information Disclosure in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical access to read the WiFi passphrase via the UART Debugging Port.
low complexity
gncchome CWE-319
4.6