Vulnerabilities > Cleartext Transmission of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-25 | CVE-2021-27194 | Cleartext Transmission of Sensitive Information vulnerability in Netop Vision PRO Cleartext transmission of sensitive information in Netop Vision Pro up to and including 9.7.1 allows a remote unauthenticated attacker to gather credentials including Windows login usernames and passwords. | 3.3 |
| 2021-03-19 | CVE-2021-21387 | Cleartext Transmission of Sensitive Information vulnerability in Wrongthink Wrongthink peer-to-peer, end-to-end encrypted messenger with PeerJS and Axolotl ratchet. | 5.0 |
| 2021-03-17 | CVE-2019-18231 | Cleartext Transmission of Sensitive Information vulnerability in Advantech Spectre RT Ert351 Firmware Advantech Spectre RT ERT351 Versions 5.1.3 and prior logins and passwords are transmitted in clear text form, which may allow an attacker to intercept the request. | 5.0 |
| 2021-03-17 | CVE-2020-35456 | Cleartext Transmission of Sensitive Information vulnerability in Taidii Diibear 2.4.0 The Taidii Diibear Android application 2.4.0 and all its derivatives allow attackers to view private chat messages and media files via logcat because of excessive logging. | 4.3 |
| 2021-03-09 | CVE-2021-3417 | Cleartext Transmission of Sensitive Information vulnerability in Lenovo Xclarity Orchestrator An internal product security audit of LXCO, prior to version 1.2.2, discovered that credentials for Lenovo XClarity Administrator (LXCA), if added as a Resource Manager, are encoded then written to an internal LXCO log file each time a session is established with LXCA. | 4.0 |
| 2021-03-09 | CVE-2020-8356 | Cleartext Transmission of Sensitive Information vulnerability in Lenovo Xclarity Orchestrator An internal product security audit of LXCO, prior to version 1.2.2, discovered that optional passwords, if specified, for the Syslog and SMTP forwarders are written to an internal LXCO log file in clear text. | 4.0 |
| 2021-02-26 | CVE-2021-26565 | Cleartext Transmission of Sensitive Information vulnerability in Synology products Cleartext transmission of sensitive information vulnerability in synorelayd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to obtain sensitive information via an HTTP session. | 4.3 |
| 2021-02-26 | CVE-2021-26564 | Cleartext Transmission of Sensitive Information vulnerability in Synology products Cleartext transmission of sensitive information vulnerability in synorelayd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to spoof servers via an HTTP session. | 5.8 |
| 2021-02-26 | CVE-2021-26560 | Cleartext Transmission of Sensitive Information vulnerability in Synology products Cleartext transmission of sensitive information vulnerability in synoagentregisterd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to spoof servers via an HTTP session. | 5.8 |
| 2021-02-19 | CVE-2021-22703 | Cleartext Transmission of Sensitive Information vulnerability in Schneider-Electric products A CWE-319: Cleartext transmission of sensitive information vulnerability exists in PowerLogic ION7400, ION7650, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 (see notification for affected versions), that could cause disclosure of user credentials when a malicious actor intercepts HTTP network traffic between a user and the device. | 5.0 |