Vulnerabilities > Cleartext Transmission of Sensitive Information

DATE CVE VULNERABILITY TITLE RISK
2019-10-01 CVE-2019-10435 Cleartext Transmission of Sensitive Information vulnerability in Jenkins Sourcegear Vault 1.0/1.1/1.1.1
Jenkins SourceGear Vault Plugin transmits configured credentials in plain text as part of job configuration forms, potentially resulting in their exposure.
network
low complexity
jenkins CWE-319
7.5
7.5
2019-10-01 CVE-2019-10434 Cleartext Transmission of Sensitive Information vulnerability in Jenkins Ldap Email
Jenkins LDAP Email Plugin transmits configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure.
network
low complexity
jenkins CWE-319
7.5
7.5
2019-09-30 CVE-2019-4280 Cleartext Transmission of Sensitive Information vulnerability in IBM Sterling File Gateway
IBM Sterling File Gateway 2.2.0.0 through 6.0.1.0 displays sensitive information in HTTP requests which could be used in further attacks against the system.
network
low complexity
ibm CWE-319
5.3
5.3
2019-09-27 CVE-2019-16924 Cleartext Transmission of Sensitive Information vulnerability in Nuvending Nulock 1.5.0
The Nulock application 1.5.0 for mobile devices sends a cleartext password over Bluetooth, which allows remote attackers (after sniffing the network) to take control of the lock.
low complexity
nuvending CWE-319
8.8
8.8
2019-09-27 CVE-2019-11739 Cleartext Transmission of Sensitive Information vulnerability in Mozilla Thunderbird
Encrypted S/MIME parts in a crafted multipart/alternative message can leak plaintext when included in a a HTML reply/forward.
network
low complexity
mozilla CWE-319
6.5
6.5
2019-09-25 CVE-2019-6652 Cleartext Transmission of Sensitive Information vulnerability in F5 Big-Iq Centralized Management 6.0.0/6.0.1/6.1.0
In BIG-IQ 6.0.0-6.1.0, services for stats do not require authentication nor do they implement any form of Transport Layer Security (TLS).
network
low complexity
f5 CWE-319
6.5
6.5
2019-09-25 CVE-2019-10428 Cleartext Transmission of Sensitive Information vulnerability in Jenkins Aqua Security Scanner
Jenkins Aqua Security Scanner Plugin 3.0.17 and earlier transmitted configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure.
network
low complexity
jenkins CWE-319
7.5
7.5
2019-09-25 CVE-2019-10427 Cleartext Transmission of Sensitive Information vulnerability in Jenkins Aqua Microscanner
Jenkins Aqua MicroScanner Plugin 1.0.7 and earlier transmitted configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure.
network
low complexity
jenkins CWE-319
5.3
5.3
2019-09-25 CVE-2019-10412 Cleartext Transmission of Sensitive Information vulnerability in Jenkins Inedo Proget
Jenkins Inedo ProGet Plugin 1.2 and earlier transmitted configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure.
network
low complexity
jenkins CWE-319
7.5
7.5
2019-09-25 CVE-2019-10411 Cleartext Transmission of Sensitive Information vulnerability in Jenkins Inedo Buildmaster
Jenkins Inedo BuildMaster Plugin 2.4.0 and earlier transmitted configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure.
network
low complexity
jenkins CWE-319
7.5
7.5