Vulnerabilities > Cleartext Transmission of Sensitive Information

DATE CVE VULNERABILITY TITLE RISK
2023-02-01 CVE-2022-47714 Cleartext Transmission of Sensitive Information vulnerability in Lastyard Last Yard 22.09.81
Last Yard 22.09.8-1 does not enforce HSTS headers
network
low complexity
lastyard CWE-319
critical
9.8
2023-02-01 CVE-2023-23130 Cleartext Transmission of Sensitive Information vulnerability in Connectwise Automate 2022.11
Connectwise Automate 2022.11 is vulnerable to Cleartext authentication.
network
high complexity
connectwise CWE-319
5.9
2023-01-26 CVE-2023-24440 Cleartext Transmission of Sensitive Information vulnerability in Jenkins Jira Pipeline Steps 2.0.165.V8846Cf59F3Db
Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier transmits the private key in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure.
local
low complexity
jenkins CWE-319
5.5
2023-01-18 CVE-2023-22863 Cleartext Transmission of Sensitive Information vulnerability in IBM products
IBM Robotic Process Automation 20.12.0 through 21.0.2 defaults to HTTP in some RPA commands when the prefix is not explicitly specified in the URL.
network
high complexity
ibm CWE-319
5.9
2023-01-12 CVE-2023-22597 Cleartext Transmission of Sensitive Information vulnerability in Inhandnetworks Inrouter302 Firmware and Inrouter615-S Firmware
InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-319: Cleartext Transmission of Sensitive Information.
network
high complexity
inhandnetworks CWE-319
5.9
2023-01-11 CVE-2022-0553 Cleartext Transmission of Sensitive Information vulnerability in Zephyrproject Zephyr
There is no check to see if slot 0 is being uploaded from the device to the host.
low complexity
zephyrproject CWE-319
4.6
2023-01-09 CVE-2022-23509 Cleartext Transmission of Sensitive Information vulnerability in Weave Gitops
Weave GitOps is a simple open source developer platform for people who want cloud native applications, without needing Kubernetes expertise.
local
low complexity
weave CWE-319
6.0
2023-01-05 CVE-2022-3929 Cleartext Transmission of Sensitive Information vulnerability in Hitachienergy Foxman-Un and Unem
Communication between the client and the server application of the affected products is partially done using CORBA (Common Object Request Broker Architecture) over TCP/IP.
network
low complexity
hitachienergy CWE-319
critical
9.8
2023-01-04 CVE-2023-0055 Cleartext Transmission of Sensitive Information vulnerability in Pyload 0.5.0
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository pyload/pyload prior to 0.5.0b3.dev32.
network
low complexity
pyload CWE-319
5.3
2022-12-23 CVE-2022-43551 Cleartext Transmission of Sensitive Information vulnerability in multiple products
A vulnerability exists in curl <7.87.0 HSTS check that could be bypassed to trick it to keep using HTTP.
network
low complexity
haxx fedoraproject netapp splunk CWE-319
7.5