Vulnerabilities > Insecure Storage of Sensitive Information

DATE CVE VULNERABILITY TITLE RISK
2024-02-06 CVE-2024-22773 Insecure Storage of Sensitive Information vulnerability in Intelbras Action RF 1200 Firmware 1.2.2
Intelbras Action RF 1200 routers 1.2.2 and earlier and Action RG 1200 routers 2.1.7 and earlier expose the Password in Cookie resulting in Login Bypass.
network
high complexity
intelbras CWE-922
8.1
2024-01-30 CVE-2024-22193 Insecure Storage of Sensitive Information vulnerability in Vantage6
The vantage6 technology enables to manage and deploy privacy enhancing technologies like Federated Learning (FL) and Multi-Party Computation (MPC).
network
low complexity
vantage6 CWE-922
4.3
2024-01-03 CVE-2023-5879 Insecure Storage of Sensitive Information vulnerability in Geniecompany Aladdin Connect 5.65
Users’ product account authentication data was stored in clear text in The Genie Company Aladdin Connect Mobile Application Version 5.65 Build 2075 (and below) on Android Devices.
low complexity
geniecompany CWE-922
6.8
2023-12-14 CVE-2023-45182 Insecure Storage of Sensitive Information vulnerability in IBM I Access Client Solutions
IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 is vulnerable to having its key for an encrypted password decoded.
local
low complexity
ibm CWE-922
6.5
2023-12-14 CVE-2023-45184 Insecure Storage of Sensitive Information vulnerability in IBM I Access Client Solutions
IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 could allow an attacker to obtain a decryption key due to improper authority checks.
network
low complexity
ibm CWE-922
7.5
2023-11-22 CVE-2023-6253 Insecure Storage of Sensitive Information vulnerability in Fortra Digital Guardian Agent
A saved encryption key in the Uninstaller in Digital Guardian's Agent before version 7.9.4 allows a local attacker to retrieve the uninstall key and remove the software by extracting the uninstaller key from the memory of the uninstaller file.
local
low complexity
fortra CWE-922
6.0
2023-09-19 CVE-2023-32184 Insecure Storage of Sensitive Information vulnerability in Opensuse Welcome
A Insecure Storage of Sensitive Information vulnerability in openSUSE opensuse-welcome allows local attackers to execute code as the user that runs opensuse-welcome if a custom layout is chosen This issue affects opensuse-welcome: from 0.1 before 0.1.9+git.35.4b9444a.
local
low complexity
opensuse CWE-922
7.8
2023-09-18 CVE-2023-41965 Insecure Storage of Sensitive Information vulnerability in Socomec Modulys GP Firmware 01.12.10
Sending some requests in the web application of the vulnerable device allows information to be obtained due to the lack of security in the authentication process.
network
low complexity
socomec CWE-922
7.5
2023-09-12 CVE-2023-40728 Insecure Storage of Sensitive Information vulnerability in Siemens QMS Automotive 12.30
A vulnerability has been identified in QMS Automotive (All versions < V12.39).
local
low complexity
siemens CWE-922
7.8
2023-09-12 CVE-2023-37879 Insecure Storage of Sensitive Information vulnerability in Wftpserver Wing FTP Server
Insecure storage of sensitive information in Wing FTP Server (User Web Client) allows information elicitation.This issue affects Wing FTP Server: <= 7.2.0.
network
low complexity
wftpserver CWE-922
7.5