Vulnerabilities > Cleartext Transmission of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-29 | CVE-2021-22946 | Cleartext Transmission of Sensitive Information vulnerability in multiple products A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` withlibcurl). | 7.5 |
| 2021-09-28 | CVE-2021-36165 | Cleartext Transmission of Sensitive Information vulnerability in Riconmobile S9922L Firmware 16.10.3(3794) RICON Industrial Cellular Router S9922L 16.10.3(3794) is affected by cleartext storage of sensitive information and sends username and password as base64. | 5.3 |
| 2021-09-21 | CVE-2021-40847 | Cleartext Transmission of Sensitive Information vulnerability in Netgear products The update process of the Circle Parental Control Service on various NETGEAR routers allows remote attackers to achieve remote code execution as root via a MitM attack. | 8.1 |
| 2021-09-07 | CVE-2021-38142 | Cleartext Transmission of Sensitive Information vulnerability in Barco Mirrorop Windows Sender Barco MirrorOp Windows Sender before 2.5.3.65 uses cleartext HTTP and thus allows rogue software upgrades. | 8.8 |
| 2021-08-30 | CVE-2021-39272 | Cleartext Transmission of Sensitive Information vulnerability in multiple products Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such as a certain situation with IMAP and PREAUTH. | 5.9 |
| 2021-08-25 | CVE-2021-33883 | Cleartext Transmission of Sensitive Information vulnerability in Bbraun Spacecom2 A Cleartext Transmission of Sensitive Information vulnerability in B. | 7.5 |
| 2021-08-10 | CVE-2021-38373 | Cleartext Transmission of Sensitive Information vulnerability in KDE Kmail 19.12.3 In KDE KMail 19.12.3 (aka 5.13.3), the SMTP STARTTLS option is not honored (and cleartext messages are sent) unless "Server requires authentication" is checked. | 5.3 |
| 2021-07-26 | CVE-2021-29769 | Cleartext Transmission of Sensitive Information vulnerability in IBM I2 Analyze 4.3.0/4.3.1/4.3.2 IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) does not set the secure attribute on authorization tokens or session cookies. | 4.3 |
| 2021-07-26 | CVE-2021-33900 | Cleartext Transmission of Sensitive Information vulnerability in Apache Directory Studio While investigating DIRSTUDIO-1219 it was noticed that configured StartTLS encryption was not applied when any SASL authentication mechanism (DIGEST-MD5, GSSAPI) was used. | 7.5 |
| 2021-07-19 | CVE-2020-36423 | Cleartext Transmission of Sensitive Information vulnerability in multiple products An issue was discovered in Arm Mbed TLS before 2.23.0. | 7.5 |