Vulnerabilities > Insecure Storage of Sensitive Information
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-09-26 | CVE-2024-43694 | Insecure Storage of Sensitive Information vulnerability in Gotenna Atak Plugin In the goTenna Pro ATAK Plugin application, the encryption keys are stored along with a static IV on the device. | 6.5 |
2024-09-26 | CVE-2024-45374 | Insecure Storage of Sensitive Information vulnerability in Gotenna The goTenna Pro ATAK plugin uses a weak password for sharing encryption keys via the key broadcast method. | 6.5 |
2024-09-26 | CVE-2024-47122 | Insecure Storage of Sensitive Information vulnerability in Gotenna PRO In the goTenna Pro App, the encryption keys are stored along with a static IV on the End User Device (EUD). | 6.5 |
2024-09-26 | CVE-2024-47197 | Insecure Storage of Sensitive Information vulnerability in Apache Maven Archetype 3.2.1 Exposure of Sensitive Information to an Unauthorized Actor, Insecure Storage of Sensitive Information vulnerability in Maven Archetype Plugin. This issue affects Maven Archetype Plugin: from 3.2.1 before 3.3.0. Users are recommended to upgrade to version 3.3.0, which fixes the issue. Archetype integration testing creates a file called ./target/classes/archetype-it/archetype-settings.xml This file contains all the content from the users ~/.m2/settings.xml file, which often contains information they do not want to publish. | 7.5 |
2024-07-19 | CVE-2024-6916 | Insecure Storage of Sensitive Information vulnerability in Zowe CLI A vulnerability in Zowe CLI allows local, privileged actors to display securely stored properties in cleartext within a terminal using the '--show-inputs-only' flag. | 5.5 |
2024-02-06 | CVE-2024-22773 | Insecure Storage of Sensitive Information vulnerability in Intelbras Action RF 1200 Firmware 1.2.2 Intelbras Action RF 1200 routers 1.2.2 and earlier and Action RG 1200 routers 2.1.7 and earlier expose the Password in Cookie resulting in Login Bypass. | 8.1 |
2024-01-30 | CVE-2024-22193 | Insecure Storage of Sensitive Information vulnerability in Vantage6 The vantage6 technology enables to manage and deploy privacy enhancing technologies like Federated Learning (FL) and Multi-Party Computation (MPC). | 4.3 |
2024-01-03 | CVE-2023-5879 | Insecure Storage of Sensitive Information vulnerability in Geniecompany Aladdin Connect 5.65 Users’ product account authentication data was stored in clear text in The Genie Company Aladdin Connect Mobile Application Version 5.65 Build 2075 (and below) on Android Devices. | 6.8 |
2023-12-14 | CVE-2023-45182 | Insecure Storage of Sensitive Information vulnerability in IBM I Access Client Solutions IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 is vulnerable to having its key for an encrypted password decoded. | 6.5 |
2023-12-14 | CVE-2023-45184 | Insecure Storage of Sensitive Information vulnerability in IBM I Access Client Solutions IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 could allow an attacker to obtain a decryption key due to improper authority checks. | 7.5 |