Vulnerabilities > Insecure Storage of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-06 | CVE-2024-34677 | Insecure Storage of Sensitive Information vulnerability in Samsung Android 12.0/13.0/14.0 Exposure of sensitive information in System UI prior to SMR Nov-2024 Release 1 allow local attackers to make malicious apps appear as legitimate. | 3.3 |
| 2024-11-06 | CVE-2024-10028 | Insecure Storage of Sensitive Information vulnerability in Everestthemes Everest Backup The Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.13 via the exposed process stats file during the backup process. | 7.5 |
| 2024-11-01 | CVE-2024-48353 | Insecure Storage of Sensitive Information vulnerability in Yealink Meeting Server Yealink Meeting Server before V26.0.0.67 allows attackers to obtain static key information from a front-end JS file and decrypt the plaintext passwords based on the obtained key information. | 7.5 |
| 2024-10-28 | CVE-2024-44257 | Insecure Storage of Sensitive Information vulnerability in Apple Macos This issue was addressed with improved redaction of sensitive information. | 5.5 |
| 2024-10-28 | CVE-2024-44222 | Insecure Storage of Sensitive Information vulnerability in Apple Macos This issue was addressed with improved redaction of sensitive information. | 3.3 |
| 2024-10-25 | CVE-2022-30359 | Insecure Storage of Sensitive Information vulnerability in Ovaledge OvalEdge 5.2.8.0 and earlier is affected by a Sensitive Data Exposure vulnerability via a GET request to /user/getUserList. | 4.3 |
| 2024-10-25 | CVE-2022-30361 | Insecure Storage of Sensitive Information vulnerability in Ovaledge OvalEdge 5.2.8.0 and earlier is affected by a Sensitive Data Exposure vulnerability via a GET request to /user/getUserType. | 5.3 |
| 2024-09-26 | CVE-2024-43694 | Insecure Storage of Sensitive Information vulnerability in Gotenna Atak Plugin In the goTenna Pro ATAK Plugin application, the encryption keys are stored along with a static IV on the device. | 6.5 |
| 2024-09-26 | CVE-2024-45374 | Insecure Storage of Sensitive Information vulnerability in Gotenna The goTenna Pro ATAK plugin uses a weak password for sharing encryption keys via the key broadcast method. | 6.5 |
| 2024-09-26 | CVE-2024-47122 | Insecure Storage of Sensitive Information vulnerability in Gotenna PRO In the goTenna Pro App, the encryption keys are stored along with a static IV on the End User Device (EUD). | 6.5 |