Vulnerabilities > Insecure Storage of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-18 | CVE-2023-41965 | Insecure Storage of Sensitive Information vulnerability in Socomec Modulys GP Firmware 01.12.10 Sending some requests in the web application of the vulnerable device allows information to be obtained due to the lack of security in the authentication process. | 7.5 |
| 2023-09-12 | CVE-2023-37879 | Insecure Storage of Sensitive Information vulnerability in Wftpserver Wing FTP Server Insecure storage of sensitive information in Wing FTP Server (User Web Client) allows information elicitation.This issue affects Wing FTP Server: <= 7.2.0. | 7.5 |
| 2023-09-05 | CVE-2023-29261 | Insecure Storage of Sensitive Information vulnerability in IBM Sterling External Authentication Server 6.0.3.0/6.1.0 IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow a local user with specific information about the system to obtain privileged information due to inadequate memory clearing during operations. | 5.5 |
| 2023-08-02 | CVE-2022-46484 | Insecure Storage of Sensitive Information vulnerability in Ngsurvey 2.4.28 Information disclosure in password protected surveys in Data Illusion Survey Software Solutions NGSurvey v2.4.28 and below allows attackers to view the password to access and arbitrarily submit surveys. | 7.5 |
| 2023-07-17 | CVE-2023-28864 | Insecure Storage of Sensitive Information vulnerability in Progress Chef Infra Server Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode/local-mode-cache/backup world-readable temporary backup path to access sensitive information, resulting in the disclosure of all indexed node data, because OpenSearch credentials are exposed. | 5.5 |
| 2023-06-05 | CVE-2023-3064 | Insecure Storage of Sensitive Information vulnerability in Mobatime Amxgt 100 1.3.20 Anonymous user may get the list of existing users managed by the application, that could ease further attacks (see CVE-2023-3065 and 3066)This issue affects Mobatime mobile application AMXGT100 through 1.3.20. | 5.3 |
| 2023-05-12 | CVE-2023-2665 | Insecure Storage of Sensitive Information vulnerability in Rosariosis Storage of Sensitive Data in a Mechanism without Access Control in GitHub repository francoisjacquet/rosariosis prior to 11.0. | 7.5 |
| 2023-05-10 | CVE-2023-31150 | Insecure Storage of Sensitive Information vulnerability in Selinc products A Storing Passwords in a Recoverable Format vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) database system could allow an authenticated attacker to retrieve passwords. See SEL Service Bulletin dated 2022-11-15 for more details. | 6.5 |
| 2023-05-10 | CVE-2022-43475 | Insecure Storage of Sensitive Information vulnerability in Intel Data Center Manager Insecure storage of sensitive information in the Intel(R) DCM software before version 5.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2023-05-10 | CVE-2022-44619 | Insecure Storage of Sensitive Information vulnerability in Intel Data Center Manager Insecure storage of sensitive information in the Intel(R) DCM software before version 5.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |