Vulnerabilities > Insecure Storage of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-12 | CVE-2023-2665 | Insecure Storage of Sensitive Information vulnerability in Rosariosis Storage of Sensitive Data in a Mechanism without Access Control in GitHub repository francoisjacquet/rosariosis prior to 11.0. | 7.5 |
| 2023-05-10 | CVE-2023-31150 | Insecure Storage of Sensitive Information vulnerability in Selinc products A Storing Passwords in a Recoverable Format vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) database system could allow an authenticated attacker to retrieve passwords. See SEL Service Bulletin dated 2022-11-15 for more details. | 6.5 |
| 2023-05-10 | CVE-2022-43475 | Insecure Storage of Sensitive Information vulnerability in Intel Data Center Manager Insecure storage of sensitive information in the Intel(R) DCM software before version 5.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2023-05-10 | CVE-2022-44619 | Insecure Storage of Sensitive Information vulnerability in Intel Data Center Manager Insecure storage of sensitive information in the Intel(R) DCM software before version 5.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2023-05-06 | CVE-2022-43877 | Insecure Storage of Sensitive Information vulnerability in IBM Urbancode Deploy IBM UrbanCode Deploy (UCD) versions up to 7.3.0.1 could disclose sensitive password information during a manual edit of the agentrelay.properties file. | 5.5 |
| 2023-04-06 | CVE-2023-0580 | Insecure Storage of Sensitive Information vulnerability in ABB MY Control System 5.0/5.13 Insecure Storage of Sensitive Information vulnerability in ABB My Control System (on-premise) allows an attacker who successfully exploited this vulnerability to gain access to the secure application data or take control of the application. Of the services that make up the My Control System (on-premise) application, the following ones are affected by this vulnerability: User Interface System Monitoring1 Asset Inventory This issue affects My Control System (on-premise): from 5.0;0 through 5.13. | 9.8 |
| 2023-02-03 | CVE-2021-36546 | Insecure Storage of Sensitive Information vulnerability in Kitesky Kitecms 1.1 Incorrect Access Control issue discovered in KiteCMS 1.1 allows remote attackers to view sensitive information via path in application URL. | 7.5 |
| 2022-12-22 | CVE-2022-40959 | Insecure Storage of Sensitive Information vulnerability in Mozilla Thunderbird During iframe navigation, certain pages did not have their FeaturePolicy fully initialized leading to a bypass that leaked device permissions into untrusted subdocuments. | 6.5 |
| 2022-11-16 | CVE-2022-34354 | Insecure Storage of Sensitive Information vulnerability in IBM Partner Engagement Manager 6.1.2/6.2.0/6.2.1 IBM Sterling Partner Engagement Manager 2.0 allows encrypted storage of client data to be stored locally which can be read by another user on the system. | 3.3 |
| 2022-11-14 | CVE-2022-34312 | Insecure Storage of Sensitive Information vulnerability in IBM Cics TX 11.1 IBM CICS TX 11.1 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |