Vulnerabilities > Cleartext Transmission of Sensitive Information

DATE CVE VULNERABILITY TITLE RISK
2020-11-24 CVE-2020-29055 Cleartext Transmission of Sensitive Information vulnerability in Cdatatec products
An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices.
network
cdatatec CWE-319
4.3
2020-11-17 CVE-2020-25988 Cleartext Transmission of Sensitive Information vulnerability in Genexis Platinum 4410 Firmware P4410V21.34H
UPNP Service listening on port 5555 in Genexis Platinum 4410 Router V2.1 (P4410-V2–1.34H) has an action 'X_GetAccess' which leaks the credentials of 'admin', provided that the attacker is network adjacent.
low complexity
genexis CWE-319
6.5
2020-11-17 CVE-2020-27554 Cleartext Transmission of Sensitive Information vulnerability in Basetech Ge-131 Bt-1837836 Firmware 20180921
Cleartext Transmission of Sensitive Information vulnerability in BASETech GE-131 BT-1837836 firmware 20180921 exists which could leak sensitive information transmitted between the mobile app and the camera device.
network
low complexity
basetech CWE-319
5.0
2020-11-13 CVE-2020-25155 Cleartext Transmission of Sensitive Information vulnerability in Nexcom NIO 50 Firmware
The affected product transmits unencrypted sensitive information, which may allow an attacker to access this information on the NIO 50 (all versions).
network
low complexity
nexcom CWE-319
5.0
2020-11-11 CVE-2020-5426 Cleartext Transmission of Sensitive Information vulnerability in VMWare Pivotal Scheduler
Scheduler for TAS prior to version 1.4.0 was permitting plaintext transmission of UAA client token by sending it over a non-TLS connection.
network
vmware CWE-319
4.3
2020-10-29 CVE-2020-27657 Cleartext Transmission of Sensitive Information vulnerability in Synology Router Manager
Cleartext transmission of sensitive information vulnerability in DDNS in Synology Router Manager (SRM) before 1.2.4-8081 allows man-in-the-middle attackers to eavesdrop authentication information of DNSExit via unspecified vectors.
network
synology CWE-319
4.3
2020-10-29 CVE-2020-27656 Cleartext Transmission of Sensitive Information vulnerability in Synology Diskstation Manager
Cleartext transmission of sensitive information vulnerability in DDNS in Synology DiskStation Manager (DSM) before 6.2.3-25426-2 allows man-in-the-middle attackers to eavesdrop authentication information of DNSExit via unspecified vectors.
network
synology CWE-319
4.3
2020-10-15 CVE-2020-7744 Cleartext Transmission of Sensitive Information vulnerability in Mintegral Mintegraladsdk
This affects all versions of package com.mintegral.msdk:alphab.
network
mintegral CWE-319
4.3
2020-10-13 CVE-2020-25645 Cleartext Transmission of Sensitive Information vulnerability in multiple products
A flaw was found in the Linux kernel in versions before 5.9-rc7.
network
low complexity
linux debian netapp opensuse canonical CWE-319
5.0
2020-10-06 CVE-2020-1902 Cleartext Transmission of Sensitive Information vulnerability in Whatsapp and Whatsapp Business
A user running a quick search on a highly forwarded message on WhatsApp for Android from v2.20.108 to v2.20.140 or WhatsApp Business for Android from v2.20.35 to v2.20.49 could have been sent to the Google service over plain HTTP.
network
low complexity
whatsapp CWE-319
5.0