Vulnerabilities > Insecure Storage of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-20 | CVE-2024-44292 | Insecure Storage of Sensitive Information vulnerability in Apple Macos 15.0 A privacy issue was addressed with improved private data redaction for log entries. | 5.5 |
| 2024-12-20 | CVE-2024-44298 | Insecure Storage of Sensitive Information vulnerability in Apple Macos 15.0 A privacy issue was addressed with improved private data redaction for log entries. | 3.3 |
| 2024-12-03 | CVE-2024-12082 | Insecure Storage of Sensitive Information vulnerability in Openatom Openharmony in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through out-of-bounds Read. | 5.5 |
| 2024-11-26 | CVE-2024-8899 | Insecure Storage of Sensitive Information vulnerability in Jegtheme JEG Elementor KIT The Jeg Elementor Kit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.9 via the render_content function in class/elements/views/class-tabs-view.php. | 4.3 |
| 2024-11-15 | CVE-2022-20939 | A vulnerability in the web-based management interface of Cisco Smart Software Manager On-Prem could allow an authenticated, remote attacker to elevate privileges on an affected system. This vulnerability is due to inadequate protection of sensitive user information. | 4.3 |
| 2024-11-14 | CVE-2024-3501 | Insecure Storage of Sensitive Information vulnerability in Lunary In lunary-ai/lunary versions up to and including 1.2.5, an information disclosure vulnerability exists due to the inclusion of single-use tokens in the responses of `GET /v1/users/me` and `GET /v1/users/me/org` API endpoints. | 8.1 |
| 2024-11-14 | CVE-2024-3502 | Insecure Storage of Sensitive Information vulnerability in Lunary In lunary-ai/lunary versions up to and including 1.2.5, an information disclosure vulnerability exists where account recovery hashes of users are inadvertently exposed to unauthorized actors. | 8.1 |
| 2024-11-06 | CVE-2024-34677 | Insecure Storage of Sensitive Information vulnerability in Samsung Android 12.0/13.0/14.0 Exposure of sensitive information in System UI prior to SMR Nov-2024 Release 1 allow local attackers to make malicious apps appear as legitimate. | 3.3 |
| 2024-11-06 | CVE-2024-10028 | Insecure Storage of Sensitive Information vulnerability in Everestthemes Everest Backup The Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.13 via the exposed process stats file during the backup process. | 7.5 |
| 2024-11-01 | CVE-2024-48353 | Insecure Storage of Sensitive Information vulnerability in Yealink Meeting Server Yealink Meeting Server before V26.0.0.67 allows attackers to obtain static key information from a front-end JS file and decrypt the plaintext passwords based on the obtained key information. | 7.5 |