Vulnerabilities > Cleartext Transmission of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-15 | CVE-2022-45546 | Cleartext Transmission of Sensitive Information vulnerability in Screencheck Badgemaker 2.6.2.0 Information Disclosure in Authentication Component of ScreenCheck BadgeMaker 2.6.2.0 application allows internal attacker to obtain credentials for authentication via network sniffing. | 7.5 |
| 2023-02-08 | CVE-2023-0001 | Cleartext Transmission of Sensitive Information vulnerability in Paloaltonetworks Cortex XDR Agent 7.5 An information exposure vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local system administrator to disclose the admin password for the agent in cleartext, which bad actors can then use to execute privileged cytool commands that disable or uninstall the agent. | 6.7 |
| 2023-02-07 | CVE-2022-40693 | Cleartext Transmission of Sensitive Information vulnerability in Moxa Sds-3008-T Firmware and Sds-3008 Firmware A cleartext transmission vulnerability exists in the web application functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. | 7.5 |
| 2023-02-06 | CVE-2023-25016 | Cleartext Transmission of Sensitive Information vulnerability in Couchbase Server Couchbase Server before 6.6.6, 7.x before 7.0.5, and 7.1.x before 7.1.2 exposes Sensitive Information to an Unauthorized Actor. | 7.5 |
| 2023-02-01 | CVE-2022-47714 | Cleartext Transmission of Sensitive Information vulnerability in Lastyard Last Yard 22.09.81 Last Yard 22.09.8-1 does not enforce HSTS headers | 9.8 |
| 2023-02-01 | CVE-2023-23130 | Cleartext Transmission of Sensitive Information vulnerability in Connectwise Automate 2022.11 Connectwise Automate 2022.11 is vulnerable to Cleartext authentication. | 5.9 |
| 2023-01-26 | CVE-2023-24440 | Cleartext Transmission of Sensitive Information vulnerability in Jenkins Jira Pipeline Steps 2.0.165.V8846Cf59F3Db Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier transmits the private key in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure. | 5.5 |
| 2023-01-11 | CVE-2022-0553 | Cleartext Transmission of Sensitive Information vulnerability in Zephyrproject Zephyr There is no check to see if slot 0 is being uploaded from the device to the host. | 4.6 |
| 2023-01-09 | CVE-2022-23509 | Cleartext Transmission of Sensitive Information vulnerability in Weave Gitops Weave GitOps is a simple open source developer platform for people who want cloud native applications, without needing Kubernetes expertise. | 6.0 |
| 2023-01-05 | CVE-2022-3929 | Cleartext Transmission of Sensitive Information vulnerability in Hitachienergy Foxman-Un and Unem Communication between the client and the server application of the affected products is partially done using CORBA (Common Object Request Broker Architecture) over TCP/IP. | 9.8 |