Vulnerabilities > Cleartext Transmission of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-12 | CVE-2019-10397 | Cleartext Transmission of Sensitive Information vulnerability in Jenkins Aqua Security Severless Scanner Jenkins Aqua Security Serverless Scanner Plugin 1.0.4 and earlier transmitted configured passwords in plain text as part of job configuration forms, potentially resulting in their exposure. | 3.1 |
| 2019-09-10 | CVE-2019-5503 | Cleartext Transmission of Sensitive Information vulnerability in Netapp Oncommand Workflow Automation 5.0 OnCommand Workflow Automation versions prior to 5.0 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors. | 5.3 |
| 2019-09-04 | CVE-2019-14319 | Cleartext Transmission of Sensitive Information vulnerability in Tiktok The TikTok (formerly Musical.ly) application 12.2.0 for Android and iOS performs unencrypted transmission of images, videos, and likes. | 6.5 |
| 2019-08-28 | CVE-2019-10391 | Cleartext Transmission of Sensitive Information vulnerability in Jenkins IBM Application Security on Cloud Jenkins IBM Application Security on Cloud Plugin 1.2.4 and earlier transmitted configured passwords in plain text as part of job configuration forms, potentially resulting in their exposure. | 6.5 |
| 2019-08-22 | CVE-2019-5635 | Cleartext Transmission of Sensitive Information vulnerability in Belwith-Keeler Hickory Smart Ethernet Bridge Firmware A cleartext transmission of sensitive information vulnerability is present in Hickory Smart Ethernet Bridge from Belwith Products, LLC. | 7.5 |
| 2019-08-19 | CVE-2019-11276 | Cleartext Transmission of Sensitive Information vulnerability in Pivotal Software Application Service Pivotal Apps Manager, included in Pivotal Application Service versions 2.3.x prior to 2.3.16, 2.4.x prior to 2.4.12, 2.5.x prior to 2.5.8, and 2.6.x prior to 2.6.3, makes a request to the /cloudapplication endpoint via Spring actuator, and subsequent requests via unsecured http. | 5.4 |
| 2019-08-18 | CVE-2019-15135 | Cleartext Transmission of Sensitive Information vulnerability in OMG DDS Security 1.1 The handshake protocol in Object Management Group (OMG) DDS Security 1.1 sends cleartext information about all of the capabilities of a participant (including capabilities inapplicable to the current session), which makes it easier for attackers to discover potentially sensitive reachability information on a Data Distribution Service (DDS) network. | 7.5 |
| 2019-08-14 | CVE-2019-0348 | Cleartext Transmission of Sensitive Information vulnerability in SAP Businessobjects Business Intelligence 4.1/4.2 SAP BusinessObjects Business Intelligence Platform (Web Intelligence), versions 4.1, 4.2, can access database with unencrypted connection, even if the quality of protection should be encrypted. | 6.5 |
| 2019-08-14 | CVE-2019-0346 | Cleartext Transmission of Sensitive Information vulnerability in SAP Businessobjects Business Intelligence 4.2 Unencrypted communication error in SAP Business Objects Business Intelligence Platform (Central Management Console), version 4.2, leads to disclosure of list of user names and roles imported from SAP NetWeaver BI systems, resulting in Information Disclosure. | 6.5 |
| 2019-08-05 | CVE-2019-14664 | Cleartext Transmission of Sensitive Information vulnerability in multiple products In Enigmail below 2.1, an attacker in possession of PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. | 6.5 |