Vulnerabilities > Cleartext Transmission of Sensitive Information

DATE CVE VULNERABILITY TITLE RISK
2019-10-06 CVE-2019-17218 Cleartext Transmission of Sensitive Information vulnerability in Vzug Combi-Stream Mslq Firmware Ethernetr07
An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ethernet R07 and before WLAN R05.
network
low complexity
vzug CWE-319
critical
9.1
2019-10-02 CVE-2019-14959 Cleartext Transmission of Sensitive Information vulnerability in Jetbrains Toolbox
JetBrains Toolbox before 1.15.5605 was resolving an internal URL via a cleartext http connection.
network
high complexity
jetbrains CWE-319
5.9
2019-10-01 CVE-2019-0231 Cleartext Transmission of Sensitive Information vulnerability in Apache Mina 2.0.20/2.1.1
Handling of the close_notify SSL/TLS message does not lead to a connection closure, leading the server to retain the socket opened and to have the client potentially receive clear text messages afterward.
network
low complexity
apache CWE-319
7.5
2019-10-01 CVE-2019-14954 Cleartext Transmission of Sensitive Information vulnerability in Jetbrains Intellij Idea
JetBrains IntelliJ IDEA before 2019.2 was resolving the markdown plantuml artifact download link via a cleartext http connection.
network
high complexity
jetbrains CWE-319
5.9
2019-10-01 CVE-2019-10435 Cleartext Transmission of Sensitive Information vulnerability in Jenkins Sourcegear Vault 1.0/1.1/1.1.1
Jenkins SourceGear Vault Plugin transmits configured credentials in plain text as part of job configuration forms, potentially resulting in their exposure.
network
low complexity
jenkins CWE-319
7.5
2019-10-01 CVE-2019-10434 Cleartext Transmission of Sensitive Information vulnerability in Jenkins Ldap Email
Jenkins LDAP Email Plugin transmits configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure.
network
low complexity
jenkins CWE-319
7.5
2019-09-30 CVE-2019-4280 Cleartext Transmission of Sensitive Information vulnerability in IBM Sterling File Gateway
IBM Sterling File Gateway 2.2.0.0 through 6.0.1.0 displays sensitive information in HTTP requests which could be used in further attacks against the system.
network
low complexity
ibm CWE-319
5.3
2019-09-27 CVE-2019-16924 Cleartext Transmission of Sensitive Information vulnerability in Nuvending Nulock 1.5.0
The Nulock application 1.5.0 for mobile devices sends a cleartext password over Bluetooth, which allows remote attackers (after sniffing the network) to take control of the lock.
low complexity
nuvending CWE-319
8.8
2019-09-27 CVE-2019-11739 Cleartext Transmission of Sensitive Information vulnerability in Mozilla Thunderbird
Encrypted S/MIME parts in a crafted multipart/alternative message can leak plaintext when included in a a HTML reply/forward.
network
low complexity
mozilla CWE-319
6.5
2019-09-25 CVE-2019-6652 Cleartext Transmission of Sensitive Information vulnerability in F5 Big-Iq Centralized Management 6.0.0/6.0.1/6.1.0
In BIG-IQ 6.0.0-6.1.0, services for stats do not require authentication nor do they implement any form of Transport Layer Security (TLS).
network
low complexity
f5 CWE-319
6.5