Vulnerabilities > Insecure Storage of Sensitive Information

DATE CVE VULNERABILITY TITLE RISK
2020-03-19 CVE-2020-5262 Insecure Storage of Sensitive Information vulnerability in Easybuild Project Easybuild
In EasyBuild before version 4.1.2, the GitHub Personal Access Token (PAT) used by EasyBuild for the GitHub integration features (like `--new-pr`, `--fro,-pr`, etc.) is shown in plain text in EasyBuild debug log files.
local
low complexity
easybuild-project CWE-922
5.5
2020-03-03 CVE-2020-4197 Insecure Storage of Sensitive Information vulnerability in IBM Tivoli Netcool/Omnibus 8.1.0
IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 allows web pages to be stored locally which can be read by another user on the system.
low complexity
ibm CWE-922
2.4
2020-02-24 CVE-2018-13313 Insecure Storage of Sensitive Information vulnerability in Totolink A3002Ru Firmware 1.0.8
In TOTOLINK A3002RU 1.0.8, the router provides a page that allows the user to change their account name and password.
network
low complexity
totolink CWE-922
6.5
2020-02-17 CVE-2019-12825 Insecure Storage of Sensitive Information vulnerability in Gitlab
Unauthorized Access to the Container Registry of other groups was discovered in GitLab Enterprise 12.0.0-pre.
network
low complexity
gitlab CWE-922
4.3
2020-02-10 CVE-2019-20060 Insecure Storage of Sensitive Information vulnerability in Mfscripts Yetishare
MFScripts YetiShare v3.5.2 through v4.5.4 places sensitive information in the Referer header.
network
low complexity
mfscripts CWE-922
7.5
2019-11-25 CVE-2019-13719 Insecure Storage of Sensitive Information vulnerability in multiple products
Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to hide security UI via a crafted HTML page.
network
low complexity
google opensuse CWE-922
4.3
2019-11-25 CVE-2019-13717 Insecure Storage of Sensitive Information vulnerability in multiple products
Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to hide security UI via a crafted HTML page.
network
low complexity
google opensuse CWE-922
4.3
2019-10-10 CVE-2019-4265 Insecure Storage of Sensitive Information vulnerability in IBM Maximo Anywhere
IBM Maximo Anywhere 7.6.0, 7.6.1, 7.6.2, and 7.6.3 does not have device root detection which could result in an attacker gaining sensitive information about the device.
low complexity
ibm CWE-922
2.4
2019-10-02 CVE-2019-4549 Insecure Storage of Sensitive Information vulnerability in IBM Security Directory Server 6.4.0
IBM Security Directory Server 6.4.0 discloses sensitive information to unauthorized users.
network
low complexity
ibm CWE-922
5.3
2019-10-01 CVE-2019-14957 Insecure Storage of Sensitive Information vulnerability in Jetbrains VIM
The JetBrains Vim plugin before version 0.52 was storing individual project data in the global vim_settings.xml file.
network
low complexity
jetbrains CWE-922
5.3