Vulnerabilities > Cleartext Transmission of Sensitive Information

DATE CVE VULNERABILITY TITLE RISK
2020-11-30 CVE-2020-27586 Cleartext Transmission of Sensitive Information vulnerability in Quickheal Total Security
Quick Heal Total Security before version 19.0 transmits quarantine and sysinfo files via clear text.
network
high complexity
quickheal CWE-319
5.9
2020-11-24 CVE-2020-29055 Cleartext Transmission of Sensitive Information vulnerability in Cdatatec products
An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices.
network
high complexity
cdatatec CWE-319
5.9
2020-11-17 CVE-2020-25988 Cleartext Transmission of Sensitive Information vulnerability in Genexis Platinum 4410 Firmware P4410V21.34H
UPNP Service listening on port 5555 in Genexis Platinum 4410 Router V2.1 (P4410-V2–1.34H) has an action 'X_GetAccess' which leaks the credentials of 'admin', provided that the attacker is network adjacent.
low complexity
genexis CWE-319
6.5
2020-11-13 CVE-2020-25155 Cleartext Transmission of Sensitive Information vulnerability in Nexcom NIO 50 Firmware
The affected product transmits unencrypted sensitive information, which may allow an attacker to access this information on the NIO 50 (all versions).
network
low complexity
nexcom CWE-319
7.5
2020-11-11 CVE-2020-5426 Cleartext Transmission of Sensitive Information vulnerability in VMWare Pivotal Scheduler
Scheduler for TAS prior to version 1.4.0 was permitting plaintext transmission of UAA client token by sending it over a non-TLS connection.
network
low complexity
vmware CWE-319
critical
9.8
2020-10-29 CVE-2020-27657 Cleartext Transmission of Sensitive Information vulnerability in Synology Router Manager
Cleartext transmission of sensitive information vulnerability in DDNS in Synology Router Manager (SRM) before 1.2.4-8081 allows man-in-the-middle attackers to eavesdrop authentication information of DNSExit via unspecified vectors.
network
high complexity
synology CWE-319
5.9
2020-10-29 CVE-2020-27656 Cleartext Transmission of Sensitive Information vulnerability in Synology Diskstation Manager
Cleartext transmission of sensitive information vulnerability in DDNS in Synology DiskStation Manager (DSM) before 6.2.3-25426-2 allows man-in-the-middle attackers to eavesdrop authentication information of DNSExit via unspecified vectors.
network
high complexity
synology CWE-319
3.7
2020-10-06 CVE-2020-1902 Cleartext Transmission of Sensitive Information vulnerability in Whatsapp and Whatsapp Business
A user running a quick search on a highly forwarded message on WhatsApp for Android from v2.20.108 to v2.20.140 or WhatsApp Business for Android from v2.20.35 to v2.20.49 could have been sent to the Google service over plain HTTP.
network
low complexity
whatsapp CWE-319
7.5
2020-09-25 CVE-2020-25748 Cleartext Transmission of Sensitive Information vulnerability in Rubetek products
A Cleartext Transmission issue was discovered on Rubetek RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339).
network
high complexity
rubetek CWE-319
8.1
2020-09-08 CVE-2020-3702 Cleartext Transmission of Sensitive Information vulnerability in multiple products
u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MSM8909W, MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150
low complexity
qualcomm debian arista CWE-319
6.5