Vulnerabilities > Cleartext Transmission of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-01 | CVE-2023-29681 | Cleartext Transmission of Sensitive Information vulnerability in Tenda N301 Firmware 12.02.01.61Multi Cleartext Transmission in cookie:ecos_pw: in Tenda N301 v6.0, firmware v12.03.01.06_pt allows an authenticated attacker on the LAN or WLAN to intercept communications with the router and obtain the password. | 5.7 |
| 2023-04-27 | CVE-2023-25437 | Cleartext Transmission of Sensitive Information vulnerability in Vtech Vcs754A Firmware 1.1.1.A An issue was discovered in vTech VCS754 version 1.1.1.A before 1.1.1.H, allows attackers to gain escalated privileges and gain sensitive information due to cleartext passwords passed in the raw HTML. | 8.8 |
| 2023-04-26 | CVE-2023-30841 | Cleartext Transmission of Sensitive Information vulnerability in Linuxfoundation Baremetal Operator Baremetal Operator (BMO) is a bare metal host provisioning integration for Kubernetes. | 5.5 |
| 2023-04-17 | CVE-2023-1831 | Cleartext Transmission of Sensitive Information vulnerability in Mattermost Server Mattermost fails to redact from audit logs the user password during user creation and the user password hash in other operations if the experimental audit logging configuration was enabled (ExperimentalAuditSettings section in config). | 7.5 |
| 2023-04-16 | CVE-2019-14942 | Cleartext Transmission of Sensitive Information vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition before 11.11.8, 12 before 12.0.6, and 12.1 before 12.1.6. | 5.9 |
| 2023-04-12 | CVE-2023-30513 | Cleartext Transmission of Sensitive Information vulnerability in Jenkins Kubernetes Jenkins Kubernetes Plugin 3909.v1f2c633e8590 and earlier does not properly mask (i.e., replace with asterisks) credentials in the build log when push mode for durable task logging is enabled. | 7.5 |
| 2023-04-12 | CVE-2023-30514 | Cleartext Transmission of Sensitive Information vulnerability in Jenkins Azure KEY Vault Jenkins Azure Key Vault Plugin 187.va_cd5fecd198a_ and earlier does not properly mask (i.e., replace with asterisks) credentials in the build log when push mode for durable task logging is enabled. | 7.5 |
| 2023-04-12 | CVE-2023-30515 | Cleartext Transmission of Sensitive Information vulnerability in Jenkins Thycotic Devops Secrets Vault 1.0.0 Jenkins Thycotic DevOps Secrets Vault Plugin 1.0.0 and earlier does not properly mask (i.e., replace with asterisks) credentials in the build log when push mode for durable task logging is enabled. | 7.5 |
| 2023-04-06 | CVE-2023-1802 | Cleartext Transmission of Sensitive Information vulnerability in Docker Desktop 4.17.0/4.17.1 In Docker Desktop 4.17.x the Artifactory Integration falls back to sending registry credentials over plain HTTP if the HTTPS health check has failed. A targeted network sniffing attack can lead to a disclosure of sensitive information. | 7.5 |
| 2023-04-03 | CVE-2023-0922 | Cleartext Transmission of Sensitive Information vulnerability in Samba The Samba AD DC administration tool, when operating against a remote LDAP server, will by default send new or reset passwords over a signed-only connection. | 5.9 |