Vulnerabilities > Insecure Storage of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-22 | CVE-2020-4371 | Insecure Storage of Sensitive Information vulnerability in IBM Verify Gateway 1.0.0/1.0.1 IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 contains sensitive information in leftover debug code that could be used aid a local user in further attacks against the system. | 3.3 |
| 2020-05-29 | CVE-2020-8482 | Insecure Storage of Sensitive Information vulnerability in ABB Device Library Wizard 6.0.3.2/6.1.0 Insecure storage of sensitive information in ABB Device Library Wizard versions 6.0.X, 6.0.3.1 and 6.0.3.2 allows unauthenticated low privilege user to read file that contains confidential data | 5.5 |
| 2020-04-29 | CVE-2020-8481 | Insecure Storage of Sensitive Information vulnerability in ABB 800Xa System 5.1 For ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody Composer 5.3, 6.1/6.2 and SPE for Melody 1.0SPx (Composer 6.3), Harmony OPC Server (HAOPC) Standalone 6.0, 6.1 and 7.0, ABB Ability™ System 800xA/ Advant® OCS Control Builder A 1.3 and 1.4, Advant® OCS AC100 OPC Server 5.1, 6.0 and 6.1, Composer CTK 6.1 and 6.2, AdvaBuild 3.7 SP1 and SP2, OPCServer for MOD 300 (non-800xA) 1.4, OPC Data Link 2.1 and 2.2, Knowledge Manager 8.0, 9.0 and 9.1, Manufacturing Operations Management 1812 and 1909, confidential data is written in an unprotected file. | 9.8 |
| 2020-04-03 | CVE-2020-7000 | Insecure Storage of Sensitive Information vulnerability in Visam Vbase Editor and Vbase Web-Remote VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow an unauthenticated attacker to discover the cryptographic key from the web server and gain information about the login and the encryption/decryption mechanism, which may be exploited to bypass authentication of the HTML5 HMI web interface. | 7.5 |
| 2020-03-19 | CVE-2020-5262 | Insecure Storage of Sensitive Information vulnerability in Easybuild Project Easybuild In EasyBuild before version 4.1.2, the GitHub Personal Access Token (PAT) used by EasyBuild for the GitHub integration features (like `--new-pr`, `--fro,-pr`, etc.) is shown in plain text in EasyBuild debug log files. | 5.5 |
| 2020-03-03 | CVE-2020-4197 | Insecure Storage of Sensitive Information vulnerability in IBM Tivoli Netcool/Omnibus 8.1.0 IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 allows web pages to be stored locally which can be read by another user on the system. | 2.4 |
| 2020-02-24 | CVE-2018-13313 | Insecure Storage of Sensitive Information vulnerability in Totolink A3002Ru Firmware 1.0.8 In TOTOLINK A3002RU 1.0.8, the router provides a page that allows the user to change their account name and password. | 6.5 |
| 2020-02-17 | CVE-2019-12825 | Insecure Storage of Sensitive Information vulnerability in Gitlab Unauthorized Access to the Container Registry of other groups was discovered in GitLab Enterprise 12.0.0-pre. | 4.3 |
| 2020-02-10 | CVE-2019-20060 | Insecure Storage of Sensitive Information vulnerability in Mfscripts Yetishare MFScripts YetiShare v3.5.2 through v4.5.4 places sensitive information in the Referer header. | 7.5 |
| 2019-11-25 | CVE-2019-13719 | Insecure Storage of Sensitive Information vulnerability in multiple products Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to hide security UI via a crafted HTML page. | 4.3 |