Vulnerabilities > Cleartext Transmission of Sensitive Information
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-02-01 | CVE-2022-47714 | Cleartext Transmission of Sensitive Information vulnerability in Lastyard Last Yard 22.09.81 Last Yard 22.09.8-1 does not enforce HSTS headers | 9.8 |
2023-02-01 | CVE-2023-23130 | Cleartext Transmission of Sensitive Information vulnerability in Connectwise Automate 2022.11 Connectwise Automate 2022.11 is vulnerable to Cleartext authentication. | 5.9 |
2023-01-26 | CVE-2023-24440 | Cleartext Transmission of Sensitive Information vulnerability in Jenkins Jira Pipeline Steps 2.0.165.V8846Cf59F3Db Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier transmits the private key in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure. | 5.5 |
2023-01-18 | CVE-2023-22863 | Cleartext Transmission of Sensitive Information vulnerability in IBM products IBM Robotic Process Automation 20.12.0 through 21.0.2 defaults to HTTP in some RPA commands when the prefix is not explicitly specified in the URL. | 5.9 |
2023-01-12 | CVE-2023-22597 | Cleartext Transmission of Sensitive Information vulnerability in Inhandnetworks Inrouter302 Firmware and Inrouter615-S Firmware InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version InRouter6XX-S-V2.3.0.r5542, contain vulnerability CWE-319: Cleartext Transmission of Sensitive Information. | 5.9 |
2023-01-11 | CVE-2022-0553 | Cleartext Transmission of Sensitive Information vulnerability in Zephyrproject Zephyr There is no check to see if slot 0 is being uploaded from the device to the host. | 4.6 |
2023-01-09 | CVE-2022-23509 | Cleartext Transmission of Sensitive Information vulnerability in Weave Gitops Weave GitOps is a simple open source developer platform for people who want cloud native applications, without needing Kubernetes expertise. | 6.0 |
2023-01-05 | CVE-2022-3929 | Cleartext Transmission of Sensitive Information vulnerability in Hitachienergy Foxman-Un and Unem Communication between the client and the server application of the affected products is partially done using CORBA (Common Object Request Broker Architecture) over TCP/IP. | 9.8 |
2023-01-04 | CVE-2023-0055 | Cleartext Transmission of Sensitive Information vulnerability in Pyload 0.5.0 Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository pyload/pyload prior to 0.5.0b3.dev32. | 5.3 |
2022-12-23 | CVE-2022-43551 | Cleartext Transmission of Sensitive Information vulnerability in multiple products A vulnerability exists in curl <7.87.0 HSTS check that could be bypassed to trick it to keep using HTTP. | 7.5 |