Vulnerabilities > Cleartext Transmission of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-20 | CVE-2018-7259 | Cleartext Transmission of Sensitive Information vulnerability in Flightsimlabs A320-X 2.0.1.231 The FSX / P3Dv4 installer 2.0.1.231 for Flight Sim Labs A320-X sends a user's Google account credentials to http://installLog.flightsimlabs.com/LogHandler3.ashx if a pirated serial number has been entered, which allows remote attackers to obtain sensitive information, e.g., by sniffing the network for cleartext HTTP traffic. | 9.8 |
| 2018-02-13 | CVE-2018-1297 | Cleartext Transmission of Sensitive Information vulnerability in Apache Jmeter When using Distributed Test only (RMI based), Apache JMeter 2.x and 3.x uses an unsecured RMI connection. | 9.8 |
| 2018-01-24 | CVE-2018-6018 | Cleartext Transmission of Sensitive Information vulnerability in Tinder Fixed sizes of HTTPS responses in Tinder iOS app and Tinder Android app allow an attacker to extract private sensitive information by sniffing network traffic. | 9.1 |
| 2018-01-24 | CVE-2018-6017 | Cleartext Transmission of Sensitive Information vulnerability in Tinder Unencrypted transmission of images in Tinder iOS app and Tinder Android app allows an attacker to extract private sensitive information by sniffing network traffic. | 9.1 |
| 2017-12-27 | CVE-2017-17844 | Cleartext Transmission of Sensitive Information vulnerability in multiple products An issue was discovered in Enigmail before 1.9.9. | 6.5 |
| 2017-12-20 | CVE-2017-5259 | Cleartext Transmission of Sensitive Information vulnerability in Cambiumnetworks products In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, an undocumented, root-privilege administration web shell is available using the HTTP path https://<device-ip-or-hostname>/adm/syscmd.asp. | 8.8 |
| 2017-12-20 | CVE-2017-1694 | Cleartext Transmission of Sensitive Information vulnerability in IBM Integration BUS IBM Integration Bus 9.0 and 10.0 transmits user credentials in plain in clear text which can be read by an attacker using man in the middle techniques. | 8.1 |
| 2017-12-01 | CVE-2017-14486 | Cleartext Transmission of Sensitive Information vulnerability in Vibease Chat and Wireless Remote Vibrator The Vibease Wireless Remote Vibrator app for Android and the Vibease Chat app for iOS use cleartext to exchange messages with other apps and the PLAIN SASL mechanism to send auth tokens to Vibease servers, which allows remote attackers to obtain user credentials, messages, and other sensitive information by sniffing the network for XMPP traffic. | 7.5 |
| 2017-10-29 | CVE-2017-15999 | Cleartext Transmission of Sensitive Information vulnerability in NQ Contacts Backup & Restore 1.1 In the "NQ Contacts Backup & Restore" application 1.1 for Android, no HTTPS is used for transmitting login and synced user data. | 9.8 |
| 2017-10-26 | CVE-2017-1232 | Cleartext Transmission of Sensitive Information vulnerability in IBM Bigfix Platform 9.2/9.5 IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors. | 5.9 |