Vulnerabilities > Cleartext Transmission of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-23 | CVE-2020-25190 | Cleartext Transmission of Sensitive Information vulnerability in Moxa Nport Iaw5000A-I/O Firmware The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower stores and transmits the credentials of third-party services in cleartext. | 9.8 |
| 2020-12-18 | CVE-2020-13528 | Cleartext Transmission of Sensitive Information vulnerability in Lantronix Xport Edge Firmware An information disclosure vulnerability exists in the Web Manager and telnet CLI functionality of Lantronix XPort EDGE 3.0.0.0R11, 3.1.0.0R9, 3.4.0.0R12 and 4.2.0.0R7. | 5.3 |
| 2020-12-16 | CVE-2020-14248 | Cleartext Transmission of Sensitive Information vulnerability in Hcltech Bigfix Platform BigFix Inventory up to v10.0.2 does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie. | 5.3 |
| 2020-11-30 | CVE-2020-27586 | Cleartext Transmission of Sensitive Information vulnerability in Quickheal Total Security Quick Heal Total Security before version 19.0 transmits quarantine and sysinfo files via clear text. | 5.9 |
| 2020-11-24 | CVE-2020-29055 | Cleartext Transmission of Sensitive Information vulnerability in Cdatatec products An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices. | 5.9 |
| 2020-11-17 | CVE-2020-25988 | Cleartext Transmission of Sensitive Information vulnerability in Genexis Platinum 4410 Firmware P4410V21.34H UPNP Service listening on port 5555 in Genexis Platinum 4410 Router V2.1 (P4410-V2–1.34H) has an action 'X_GetAccess' which leaks the credentials of 'admin', provided that the attacker is network adjacent. | 6.5 |
| 2020-11-13 | CVE-2020-25155 | Cleartext Transmission of Sensitive Information vulnerability in Nexcom NIO 50 Firmware The affected product transmits unencrypted sensitive information, which may allow an attacker to access this information on the NIO 50 (all versions). | 7.5 |
| 2020-11-11 | CVE-2020-5426 | Cleartext Transmission of Sensitive Information vulnerability in VMWare Pivotal Scheduler Scheduler for TAS prior to version 1.4.0 was permitting plaintext transmission of UAA client token by sending it over a non-TLS connection. | 9.8 |
| 2020-10-29 | CVE-2020-27657 | Cleartext Transmission of Sensitive Information vulnerability in Synology Router Manager Cleartext transmission of sensitive information vulnerability in DDNS in Synology Router Manager (SRM) before 1.2.4-8081 allows man-in-the-middle attackers to eavesdrop authentication information of DNSExit via unspecified vectors. | 5.9 |
| 2020-10-29 | CVE-2020-27656 | Cleartext Transmission of Sensitive Information vulnerability in Synology Diskstation Manager Cleartext transmission of sensitive information vulnerability in DDNS in Synology DiskStation Manager (DSM) before 6.2.3-25426-2 allows man-in-the-middle attackers to eavesdrop authentication information of DNSExit via unspecified vectors. | 3.7 |