Vulnerabilities > Insecure Storage of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-04 | CVE-2025-20886 | Insecure Storage of Sensitive Information vulnerability in Samsung Android 12.0/13.0/14.0 Inclusion of sensitive information in test code in softsim TA prior to SMR Jan-2025 Release 1 allows local privileged attackers to get test key. | 4.4 |
| 2025-01-27 | CVE-2025-24117 | Insecure Storage of Sensitive Information vulnerability in Apple products This issue was addressed with improved redaction of sensitive information. | 5.5 |
| 2024-12-20 | CVE-2024-44292 | Insecure Storage of Sensitive Information vulnerability in Apple Macos 15.0 A privacy issue was addressed with improved private data redaction for log entries. | 5.5 |
| 2024-12-20 | CVE-2024-44298 | Insecure Storage of Sensitive Information vulnerability in Apple Macos 15.0 A privacy issue was addressed with improved private data redaction for log entries. | 3.3 |
| 2024-12-03 | CVE-2024-12082 | Insecure Storage of Sensitive Information vulnerability in Openatom Openharmony in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through out-of-bounds Read. | 5.5 |
| 2024-11-26 | CVE-2024-8899 | Insecure Storage of Sensitive Information vulnerability in Jegtheme JEG Elementor KIT The Jeg Elementor Kit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.9 via the render_content function in class/elements/views/class-tabs-view.php. | 4.3 |
| 2024-11-15 | CVE-2024-52519 | Insecure Storage of Sensitive Information vulnerability in Nextcloud Server 27.0.0/27.1.0/27.1.3 Nextcloud Server is a self hosted personal cloud system. | 8.2 |
| 2024-11-15 | CVE-2022-20939 | A vulnerability in the web-based management interface of Cisco Smart Software Manager On-Prem could allow an authenticated, remote attacker to elevate privileges on an affected system. This vulnerability is due to inadequate protection of sensitive user information. | 4.3 |
| 2024-11-14 | CVE-2024-3501 | Insecure Storage of Sensitive Information vulnerability in Lunary In lunary-ai/lunary versions up to and including 1.2.5, an information disclosure vulnerability exists due to the inclusion of single-use tokens in the responses of `GET /v1/users/me` and `GET /v1/users/me/org` API endpoints. | 8.1 |
| 2024-11-14 | CVE-2024-3502 | Insecure Storage of Sensitive Information vulnerability in Lunary In lunary-ai/lunary versions up to and including 1.2.5, an information disclosure vulnerability exists where account recovery hashes of users are inadvertently exposed to unauthorized actors. | 8.1 |