Vulnerabilities > Insecure Storage of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-25 | CVE-2022-30361 | Insecure Storage of Sensitive Information vulnerability in Ovaledge OvalEdge 5.2.8.0 and earlier is affected by a Sensitive Data Exposure vulnerability via a GET request to /user/getUserType. | 5.3 |
| 2024-09-26 | CVE-2024-43694 | Insecure Storage of Sensitive Information vulnerability in Gotenna Atak Plugin In the goTenna Pro ATAK Plugin application, the encryption keys are stored along with a static IV on the device. | 6.5 |
| 2024-09-26 | CVE-2024-45374 | Insecure Storage of Sensitive Information vulnerability in Gotenna The goTenna Pro ATAK plugin uses a weak password for sharing encryption keys via the key broadcast method. | 6.5 |
| 2024-09-26 | CVE-2024-47122 | Insecure Storage of Sensitive Information vulnerability in Gotenna PRO In the goTenna Pro App, the encryption keys are stored along with a static IV on the End User Device (EUD). | 6.5 |
| 2024-09-26 | CVE-2024-47197 | Insecure Storage of Sensitive Information vulnerability in Apache Maven Archetype 3.2.1 Exposure of Sensitive Information to an Unauthorized Actor, Insecure Storage of Sensitive Information vulnerability in Maven Archetype Plugin. This issue affects Maven Archetype Plugin: from 3.2.1 before 3.3.0. Users are recommended to upgrade to version 3.3.0, which fixes the issue. Archetype integration testing creates a file called ./target/classes/archetype-it/archetype-settings.xml This file contains all the content from the users ~/.m2/settings.xml file, which often contains information they do not want to publish. | 7.5 |
| 2024-07-19 | CVE-2024-6916 | Insecure Storage of Sensitive Information vulnerability in Zowe CLI A vulnerability in Zowe CLI allows local, privileged actors to display securely stored properties in cleartext within a terminal using the '--show-inputs-only' flag. | 5.5 |
| 2024-06-06 | CVE-2024-5206 | Insecure Storage of Sensitive Information vulnerability in Scikit-Learn A sensitive data leakage vulnerability was identified in scikit-learn's TfidfVectorizer, specifically in versions up to and including 1.4.1.post1, which was fixed in version 1.5.0. | 4.7 |
| 2024-03-04 | CVE-2024-21826 | Insecure Storage of Sensitive Information vulnerability in Openatom Openharmony in OpenHarmony v3.2.4 and prior versions allow a local attacker cause sensitive information leak through insecure storage. | 5.5 |
| 2024-02-21 | CVE-2023-42823 | Insecure Storage of Sensitive Information vulnerability in Apple products The issue was resolved by sanitizing logging This issue is fixed in watchOS 10.1, macOS Sonoma 14.1, tvOS 17.1, macOS Monterey 12.7.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.1. | 5.5 |
| 2024-02-21 | CVE-2023-42839 | Insecure Storage of Sensitive Information vulnerability in Apple products This issue was addressed with improved state management. | 5.5 |