Vulnerabilities > Cleartext Transmission of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-23 | CVE-2020-12638 | Cleartext Transmission of Sensitive Information vulnerability in Espressif Esp-Idf, Esp8266 Nonos SDK and Esp8266 Rtos SDK An encryption-bypass issue was discovered on Espressif ESP-IDF devices through 4.2, ESP8266_NONOS_SDK devices through 3.0.3, and ESP8266_RTOS_SDK devices through 3.3. | 6.8 |
| 2020-07-22 | CVE-2020-4397 | Cleartext Transmission of Sensitive Information vulnerability in IBM Verify Gateway 1.0.0/1.0.1 IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 transmits sensitive information in plain text which could be obtained by an attacker using man in the middle techniques. | 5.9 |
| 2020-07-20 | CVE-2020-3442 | Cleartext Transmission of Sensitive Information vulnerability in DUO Duoconnect 1.0.0/1.1.0 The DuoConnect client enables users to establish SSH connections to hosts protected by a DNG instance. | 5.7 |
| 2020-07-14 | CVE-2020-7592 | Cleartext Transmission of Sensitive Information vulnerability in Siemens products A vulnerability has been identified in SIMATIC HMI Basic Panels 1st Generation (incl. | 6.5 |
| 2020-07-09 | CVE-2020-14171 | Cleartext Transmission of Sensitive Information vulnerability in Atlassian Bitbucket Atlassian Bitbucket Server from version 4.9.0 before version 7.2.4 allows remote attackers to intercept unencrypted repository import requests via a Man-in-the-Middle (MITM) attack. | 6.5 |
| 2020-07-09 | CVE-2020-12398 | Cleartext Transmission of Sensitive Information vulnerability in multiple products If Thunderbird is configured to use STARTTLS for an IMAP server, and the server sends a PREAUTH response, then Thunderbird will continue with an unencrypted connection, causing email data to be sent without protection. | 7.5 |
| 2020-07-07 | CVE-2020-15509 | Cleartext Transmission of Sensitive Information vulnerability in Nordicsemi Android BLE Library and DFU Library Nordic Semiconductor Android BLE Library through 2.2.1 and DFU Library through 1.10.4 for Android (as used by nRF Connect and other applications) can engage in unencrypted communication while showing the user that the communication is purportedly encrypted. | 6.5 |
| 2020-07-03 | CVE-2020-10281 | Cleartext Transmission of Sensitive Information vulnerability in Dronecode Micro AIR Vehicle Link This vulnerability applies to the Micro Air Vehicle Link (MAVLink) protocol and allows a remote attacker to gain access to sensitive information provided it has access to the communication medium. | 7.5 |
| 2020-07-02 | CVE-2020-2210 | Cleartext Transmission of Sensitive Information vulnerability in Jenkins Stash Branch Parameter Jenkins Stash Branch Parameter Plugin 0.3.0 and earlier transmits configured passwords in plain text as part of its global Jenkins configuration form, potentially resulting in their exposure. | 4.3 |
| 2020-06-29 | CVE-2020-12048 | Cleartext Transmission of Sensitive Information vulnerability in Baxter Phoenix X36 Firmware 3.36/3.40 Phoenix Hemodialysis Delivery System SW 3.36 and 3.40, The Phoenix Hemodialysis device does not support data-in-transit encryption (e.g., TLS/SSL) when transmitting treatment and prescription data on the network between the Phoenix system and the Exalis dialysis data management tool. | 7.5 |