Vulnerabilities > Cleartext Transmission of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-24 | CVE-2018-6018 | Cleartext Transmission of Sensitive Information vulnerability in Tinder Fixed sizes of HTTPS responses in Tinder iOS app and Tinder Android app allow an attacker to extract private sensitive information by sniffing network traffic. | 9.1 |
| 2018-01-24 | CVE-2018-6017 | Cleartext Transmission of Sensitive Information vulnerability in Tinder Unencrypted transmission of images in Tinder iOS app and Tinder Android app allows an attacker to extract private sensitive information by sniffing network traffic. | 9.1 |
| 2017-12-27 | CVE-2017-17844 | Cleartext Transmission of Sensitive Information vulnerability in multiple products An issue was discovered in Enigmail before 1.9.9. | 6.5 |
| 2017-12-20 | CVE-2017-5259 | Cleartext Transmission of Sensitive Information vulnerability in Cambiumnetworks products In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, an undocumented, root-privilege administration web shell is available using the HTTP path https://<device-ip-or-hostname>/adm/syscmd.asp. | 8.8 |
| 2017-12-20 | CVE-2017-1694 | Cleartext Transmission of Sensitive Information vulnerability in IBM Integration BUS IBM Integration Bus 9.0 and 10.0 transmits user credentials in plain in clear text which can be read by an attacker using man in the middle techniques. | 8.1 |
| 2017-12-01 | CVE-2017-14486 | Cleartext Transmission of Sensitive Information vulnerability in Vibease Chat and Wireless Remote Vibrator The Vibease Wireless Remote Vibrator app for Android and the Vibease Chat app for iOS use cleartext to exchange messages with other apps and the PLAIN SASL mechanism to send auth tokens to Vibease servers, which allows remote attackers to obtain user credentials, messages, and other sensitive information by sniffing the network for XMPP traffic. | 7.5 |
| 2017-10-29 | CVE-2017-15999 | Cleartext Transmission of Sensitive Information vulnerability in NQ Contacts Backup & Restore 1.1 In the "NQ Contacts Backup & Restore" application 1.1 for Android, no HTTPS is used for transmitting login and synced user data. | 9.8 |
| 2017-10-26 | CVE-2017-1232 | Cleartext Transmission of Sensitive Information vulnerability in IBM Bigfix Platform 9.2/9.5 IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors. | 5.9 |
| 2017-10-23 | CVE-2017-7147 | Cleartext Transmission of Sensitive Information vulnerability in Apple Support An issue was discovered in certain Apple products. | 5.3 |
| 2017-10-23 | CVE-2017-7143 | Cleartext Transmission of Sensitive Information vulnerability in Apple mac OS X An issue was discovered in certain Apple products. | 5.5 |