Vulnerabilities > Cleartext Transmission of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-07 | CVE-2021-38142 | Cleartext Transmission of Sensitive Information vulnerability in Barco Mirrorop Windows Sender Barco MirrorOp Windows Sender before 2.5.3.65 uses cleartext HTTP and thus allows rogue software upgrades. | 8.8 |
| 2021-08-30 | CVE-2021-39272 | Cleartext Transmission of Sensitive Information vulnerability in multiple products Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such as a certain situation with IMAP and PREAUTH. | 5.9 |
| 2021-08-25 | CVE-2021-33883 | Cleartext Transmission of Sensitive Information vulnerability in Bbraun Spacecom2 A Cleartext Transmission of Sensitive Information vulnerability in B. | 7.5 |
| 2021-08-10 | CVE-2021-38373 | Cleartext Transmission of Sensitive Information vulnerability in KDE Kmail 19.12.3 In KDE KMail 19.12.3 (aka 5.13.3), the SMTP STARTTLS option is not honored (and cleartext messages are sent) unless "Server requires authentication" is checked. | 5.3 |
| 2021-07-26 | CVE-2021-29769 | Cleartext Transmission of Sensitive Information vulnerability in IBM I2 Analyze 4.3.0/4.3.1/4.3.2 IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) does not set the secure attribute on authorization tokens or session cookies. | 4.3 |
| 2021-07-26 | CVE-2021-33900 | Cleartext Transmission of Sensitive Information vulnerability in Apache Directory Studio While investigating DIRSTUDIO-1219 it was noticed that configured StartTLS encryption was not applied when any SASL authentication mechanism (DIGEST-MD5, GSSAPI) was used. | 7.5 |
| 2021-07-19 | CVE-2020-36423 | Cleartext Transmission of Sensitive Information vulnerability in multiple products An issue was discovered in Arm Mbed TLS before 2.23.0. | 7.5 |
| 2021-07-16 | CVE-2020-4980 | Cleartext Transmission of Sensitive Information vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.3 and 7.4 uses less secure methods for protecting data in transit between hosts when encrypt host connections is not enabled as well as data at rest. | 6.5 |
| 2021-07-15 | CVE-2020-12730 | Cleartext Transmission of Sensitive Information vulnerability in Magicsmotion Flamingo 2 Firmware MagicMotion Flamingo 2 lacks BLE encryption, enabling data sniffing and packet forgery. | 5.3 |
| 2021-07-13 | CVE-2021-1896 | Cleartext Transmission of Sensitive Information vulnerability in Qualcomm products Weak configuration in WLAN could cause forwarding of unencrypted packets from one client to another in Snapdragon Compute, Snapdragon Connectivity | 4.3 |