Vulnerabilities > Cleartext Transmission of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-03 | CVE-2021-38418 | Cleartext Transmission of Sensitive Information vulnerability in Deltaww Dialink 1.2.4.0 Delta Electronics DIALink versions 1.2.4.0 and prior runs by default on HTTP, which may allow an attacker to be positioned between the traffic and perform a machine-in-the-middle attack to access information without authorization. | 4.3 |
| 2021-11-02 | CVE-2021-43270 | Cleartext Transmission of Sensitive Information vulnerability in Datalust Seq.App.Emailplus 3.1.0 Datalust Seq.App.EmailPlus (aka seq-app-htmlemail) 3.1.0-dev-00148, 3.1.0-dev-00170, and 3.1.0-dev-00176 can use cleartext SMTP on port 25 in some cases where encryption on port 465 was intended. | 7.5 |
| 2021-10-19 | CVE-2021-0296 | Cleartext Transmission of Sensitive Information vulnerability in Juniper Ctpview 7.3/9.1 The Juniper Networks CTPView server is not enforcing HTTP Strict Transport Security (HSTS). | 5.8 |
| 2021-10-14 | CVE-2021-20599 | Cleartext Transmission of Sensitive Information vulnerability in Mitsubishielectric products Cleartext Transmission of Sensitive InformationCleartext transmission of sensitive information vulnerability in MELSEC iQ-R series Safety CPU R08/16/32/120SFCPU firmware versions "26" and prior and MELSEC iQ-R series SIL2 Process CPU R08/16/32/120PSFCPU firmware versions "11" and prior allows a remote unauthenticated attacker to login to a target CPU module by obtaining credentials other than password. | 7.5 |
| 2021-10-05 | CVE-2021-39882 | Cleartext Transmission of Sensitive Information vulnerability in Gitlab In all versions of GitLab CE/EE, provided a user ID, anonymous users can use a few endpoints to retrieve information about any GitLab user. | 5.0 |
| 2021-09-29 | CVE-2020-20128 | Cleartext Transmission of Sensitive Information vulnerability in Laracms Project Laracms 1.0.1 LaraCMS v1.0.1 transmits sensitive information in cleartext which can be intercepted by attackers. | 5.0 |
| 2021-09-29 | CVE-2021-22946 | Cleartext Transmission of Sensitive Information vulnerability in multiple products A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` withlibcurl). | 7.5 |
| 2021-09-28 | CVE-2021-36165 | Cleartext Transmission of Sensitive Information vulnerability in Riconmobile S9922L Firmware 16.10.3(3794) RICON Industrial Cellular Router S9922L 16.10.3(3794) is affected by cleartext storage of sensitive information and sends username and password as base64. | 5.0 |
| 2021-09-21 | CVE-2021-40847 | Cleartext Transmission of Sensitive Information vulnerability in Netgear products The update process of the Circle Parental Control Service on various NETGEAR routers allows remote attackers to achieve remote code execution as root via a MitM attack. | 9.3 |
| 2021-09-07 | CVE-2021-38142 | Cleartext Transmission of Sensitive Information vulnerability in Barco Mirrorop Windows Sender Barco MirrorOp Windows Sender before 2.5.3.65 uses cleartext HTTP and thus allows rogue software upgrades. | 7.2 |