Vulnerabilities > Cleartext Transmission of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-07 | CVE-2019-10735 | Cleartext Transmission of Sensitive Information vulnerability in Claws-Mail Mail 3.14.1 In Claws Mail 3.14.1, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. | 4.3 |
| 2019-04-07 | CVE-2019-10734 | Cleartext Transmission of Sensitive Information vulnerability in Trojita Project Trojita 0.7 In KDE Trojita 0.7, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. | 4.3 |
| 2019-04-07 | CVE-2019-10732 | Cleartext Transmission of Sensitive Information vulnerability in multiple products In KDE KMail 5.2.3, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. | 4.3 |
| 2019-04-03 | CVE-2019-10240 | Cleartext Transmission of Sensitive Information vulnerability in Eclipse Hawkbit Eclipse hawkBit versions prior to 0.3.0M2 resolved Maven build artifacts for the Vaadin based UI over HTTP instead of HTTPS. | 8.1 |
| 2019-04-02 | CVE-2019-1010260 | Cleartext Transmission of Sensitive Information vulnerability in Ktlint Project Ktlint Using ktlint to download and execute custom rulesets can result in arbitrary code execution as the served jars can be compromised by a MITM. | 8.1 |
| 2019-03-28 | CVE-2019-10251 | Cleartext Transmission of Sensitive Information vulnerability in Ucweb UC Browser 11.2.5.932/13.0.8/20190326 The UCWeb UC Browser application through 2019-03-26 for Android uses HTTP to download certain modules associated with PDF and Microsoft Office files (related to libpicsel), which allows MITM attacks. | 5.9 |
| 2019-03-28 | CVE-2019-10250 | Cleartext Transmission of Sensitive Information vulnerability in Ucweb UC Browser 7.0.185.1002 UCWeb UC Browser 7.0.185.1002 on Windows uses HTTP for downloading certain PDF modules, which allows MITM attacks. | 5.9 |
| 2019-03-27 | CVE-2019-9860 | Cleartext Transmission of Sensitive Information vulnerability in Abus products Due to unencrypted signal communication and predictability of rolling codes, an attacker can "desynchronize" an ABUS Secvest wireless remote control (FUBE50014 or FUBE50015) relative to its controlled Secvest wireless alarm system FUAA50000 3.01.01, so that sent commands by the remote control are not accepted anymore. | 7.5 |
| 2019-03-26 | CVE-2019-6540 | Cleartext Transmission of Sensitive Information vulnerability in Medtronic products The Conexus telemetry protocol utilized within Medtronic MyCareLink Monitor versions 24950 and 24952, CareLink Monitor version 2490C, CareLink 2090 Programmer, Amplia CRT-D, Claria CRT-D, Compia CRT-D, Concerto CRT-D, Concerto II CRT-D, Consulta CRT-D, Evera ICD, Maximo II CRT-D and ICD, Mirro ICD, Nayamed ND ICD, Primo ICD, Protecta ICD and CRT-D, Secura ICD, Virtuoso ICD, Virtuoso II ICD, Visia AF ICD, and Viva CRT-D does not implement encryption. | 6.5 |
| 2019-03-05 | CVE-2019-4063 | Cleartext Transmission of Sensitive Information vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 Standard Edition could allow highly sensitive information to be transmitted in plain text. | 5.9 |