Vulnerabilities > Cleartext Transmission of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-02 | CVE-2022-45480 | Cleartext Transmission of Sensitive Information vulnerability in Beappsmobile PC Keyboard Wifi & Bluetooth PC Keyboard WiFi & Bluetooth allows an attacker (in a man-in-the-middle position between the server and a connected device) to see all data (including keypresses) in cleartext. | 5.9 |
| 2022-12-02 | CVE-2022-45483 | Cleartext Transmission of Sensitive Information vulnerability in Lazy Mouse Project Lazy Mouse Lazy Mouse allows an attacker (in a man in the middle position between the server and a connected device) to see all data (including keypresses) in cleartext. | 5.9 |
| 2022-11-25 | CVE-2022-39339 | Cleartext Transmission of Sensitive Information vulnerability in Nextcloud Openid Connect User Backend user_oidc is an OpenID Connect user backend for Nextcloud. | 4.3 |
| 2022-11-25 | CVE-2022-44411 | Cleartext Transmission of Sensitive Information vulnerability in web Based Quiz System Project web Based Quiz System 1.0 Web Based Quiz System v1.0 transmits user passwords in plaintext during the authentication process, allowing attackers to obtain users' passwords via a bruteforce attack. | 7.5 |
| 2022-11-23 | CVE-2021-35246 | Cleartext Transmission of Sensitive Information vulnerability in Solarwinds Engineer'S Toolset 2020.2.6 The application fails to prevent users from connecting to it over unencrypted connections. | 5.3 |
| 2022-11-14 | CVE-2022-43691 | Cleartext Transmission of Sensitive Information vulnerability in Concretecms Concrete CMS Concrete CMS (formerly concrete5) below 8.5.10 and between 9.0.0 and 9.1.2 inadvertently disclose server-side sensitive information (secrets in environment variables and server information) when Debug Mode is left on in production. | 5.3 |
| 2022-11-14 | CVE-2021-38828 | Cleartext Transmission of Sensitive Information vulnerability in Xiongmaitech Xm-Jpr2-Lx Firmware 4.02.R12.A6420987.10002.147502.00000 Xiongmai Camera XM-JPR2-LX V4.02.R12.A6420987.10002.147502.00000 is vulnerable to plain-text traffic sniffing. | 5.3 |
| 2022-11-10 | CVE-2022-38122 | Cleartext Transmission of Sensitive Information vulnerability in Upspowercom Upsmon PRO 2.57 UPSMON PRO transmits sensitive data in cleartext over HTTP protocol. | 7.5 |
| 2022-11-08 | CVE-2022-33321 | Cleartext Transmission of Sensitive Information vulnerability in Mitsubishielectric products Cleartext Transmission of Sensitive Information vulnerability due to the use of Basic Authentication for HTTP connections in Mitsubishi Electric consumer electronics products (PHOTOVOLTAIC COLOR MONITOR ECO-GUIDE, HEMS adapter, Wi-Fi Interface, Air Conditioning, Induction hob, Mitsubishi Electric HEMS Energy Measurement Unit, Refrigerator, Remote control with Wi-Fi Interface, BATHROOM THERMO VENTILATOR, Rice cooker, Mitsubishi Electric HEMS control adapter, Energy Recovery Ventilator, Smart Switch, Ventilating Fan, Range hood fan, Energy Measurement Unit and Air Purifier) allows a remote unauthenticated attacker to disclose information in the products or cause a denial of service (DoS) condition as a result by sniffing credential information (username and password). The wide range of models/versions of Mitsubishi Electric consumer electronics products are affected by this vulnerability. As for the affected product models/versions, see the Mitsubishi Electric's advisory which is listed in [References] section. | 9.8 |
| 2022-11-02 | CVE-2021-45447 | Cleartext Transmission of Sensitive Information vulnerability in Hitachi Vantara Pentaho 8.3.0.0/8.3.0.25/8.3.0.9 Hitachi Vantara Pentaho Business Analytics Server versions before 9.3.0.0, 9.2.0.2 and 8.3.0.25 with the Data Lineage feature enabled transmits database passwords in clear text. The transmission of sensitive data in clear text allows unauthorized actors with access to the network to sniff and obtain sensitive information that can be later used to gain unauthorized access. | 7.5 |