Vulnerabilities > Cleartext Transmission of Sensitive Information

DATE CVE VULNERABILITY TITLE RISK
2019-08-18 CVE-2019-15135 Cleartext Transmission of Sensitive Information vulnerability in OMG DDS Security 1.1
The handshake protocol in Object Management Group (OMG) DDS Security 1.1 sends cleartext information about all of the capabilities of a participant (including capabilities inapplicable to the current session), which makes it easier for attackers to discover potentially sensitive reachability information on a Data Distribution Service (DDS) network.
network
low complexity
omg CWE-319
7.5
2019-08-14 CVE-2019-0348 Cleartext Transmission of Sensitive Information vulnerability in SAP Businessobjects Business Intelligence 4.1/4.2
SAP BusinessObjects Business Intelligence Platform (Web Intelligence), versions 4.1, 4.2, can access database with unencrypted connection, even if the quality of protection should be encrypted.
network
low complexity
sap CWE-319
6.5
2019-08-14 CVE-2019-0346 Cleartext Transmission of Sensitive Information vulnerability in SAP Businessobjects Business Intelligence 4.2
Unencrypted communication error in SAP Business Objects Business Intelligence Platform (Central Management Console), version 4.2, leads to disclosure of list of user names and roles imported from SAP NetWeaver BI systems, resulting in Information Disclosure.
network
low complexity
sap CWE-319
6.5
2019-08-05 CVE-2019-14664 Cleartext Transmission of Sensitive Information vulnerability in multiple products
In Enigmail below 2.1, an attacker in possession of PGP encrypted emails can wrap them as sub-parts within a crafted multipart email.
network
low complexity
enigmail fedoraproject CWE-319
6.5
2019-07-31 CVE-2019-10363 Cleartext Transmission of Sensitive Information vulnerability in Jenkins Configuration AS Code
Jenkins Configuration as Code Plugin 1.24 and earlier did not reliably identify sensitive values expected to be exported in their encrypted form.
network
low complexity
jenkins CWE-319
4.9
2019-07-30 CVE-2019-5448 Cleartext Transmission of Sensitive Information vulnerability in Yarnpkg Yarn
Yarn before 1.17.3 is vulnerable to Missing Encryption of Sensitive Data due to HTTP URLs in lockfile causing unencrypted authentication data to be sent over the network.
network
high complexity
yarnpkg CWE-319
8.1
2019-07-29 CVE-2019-13498 Cleartext Transmission of Sensitive Information vulnerability in Oneidentity Cloud Access Manager 8.1.3
One Identity Cloud Access Manager 8.1.3 does not use HTTP Strict Transport Security (HSTS), which may allow man-in-the-middle (MITM) attacks.
network
high complexity
oneidentity CWE-319
7.4
2019-07-19 CVE-2019-12820 Cleartext Transmission of Sensitive Information vulnerability in Jisiwei I3 Firmware 2.0
A vulnerability was found in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner.
network
high complexity
jisiwei CWE-319
5.6
2019-07-03 CVE-2019-10102 Cleartext Transmission of Sensitive Information vulnerability in Jetbrains Kotlin and Ktor
JetBrains Ktor framework (created using the Kotlin IDE template) versions before 1.1.0 were resolving artifacts using an http connection during the build process, potentially allowing an MITM attack.
network
high complexity
jetbrains CWE-319
8.1
2019-07-03 CVE-2019-10101 Cleartext Transmission of Sensitive Information vulnerability in Jetbrains Kotlin
JetBrains Kotlin versions before 1.3.30 were resolving artifacts using an http connection during the build process, potentially allowing an MITM attack.
network
high complexity
jetbrains CWE-319
8.1