Vulnerabilities > Insecure Storage of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-10 | CVE-2022-41876 | Insecure Storage of Sensitive Information vulnerability in Ibexa Ezplatform-Graphql ezplatform-graphql is a GraphQL server implementation for Ibexa DXP and Ibexa Open Source. | 5.3 |
| 2022-10-25 | CVE-2022-28170 | Insecure Storage of Sensitive Information vulnerability in Broadcom Fabric Operating System Brocade Fabric OS Web Application services before Brocade Fabric v9.1.0, v9.0.1e, v8.2.3c, v7.4.2j store server and user passwords in the debug statements. | 6.5 |
| 2022-09-23 | CVE-2022-41320 | Insecure Storage of Sensitive Information vulnerability in Veritas System Recovery Veritas System Recovery (VSR) versions 18 and 21 store a network destination password in the Windows registry during configuration of the backup configuration. | 6.5 |
| 2022-09-12 | CVE-2022-37835 | Insecure Storage of Sensitive Information vulnerability in Torguard VPN 4.8 Torguard VPN 4.8, has a vulnerability that allows an attacker to dump sensitive information, such as credentials and information about the server, without admin privileges. | 7.5 |
| 2022-09-07 | CVE-2022-35513 | Insecure Storage of Sensitive Information vulnerability in Blink1 Blink1Control2 The Blink1Control2 application <= 2.2.7 uses weak password encryption and an insecure method of storage. | 7.5 |
| 2022-06-27 | CVE-2022-28168 | Insecure Storage of Sensitive Information vulnerability in Broadcom Sannav 2.1.0/2.1.1/2.2.0.0 In Brocade SANnav before Brocade SANnav v2.2.0.2 and Brocade SANnav2.1.1.8, encoded scp-server passwords are stored using Base64 encoding, which could allow an attacker able to access log files to easily decode the passwords. | 7.5 |
| 2022-06-07 | CVE-2022-30740 | Insecure Storage of Sensitive Information vulnerability in Samsung Internet Improper auto-fill algorithm in Samsung Internet prior to version 17.0.1.69 allows physical attackers to guess stored credit card numbers. | 4.3 |
| 2022-06-02 | CVE-2021-43512 | Insecure Storage of Sensitive Information vulnerability in Flightradar24 Flight Tracker An issue was discovered in FlightRadar24 v8.9.0, v8.10.0, v8.10.2, v8.10.3, v8.10.4 for Android, allows attackers to cause unspecified consequences due to being able to decompile a local application and extract their API keys. | 5.5 |
| 2022-05-12 | CVE-2022-1044 | Insecure Storage of Sensitive Information vulnerability in Trudesk Project Trudesk Sensitive Data Exposure Due To Insecure Storage Of Profile Image in GitHub repository polonel/trudesk prior to v1.2.1. | 6.5 |
| 2022-04-27 | CVE-2021-25266 | Insecure Storage of Sensitive Information vulnerability in Sophos Authenticator and Intercept X An insecure data storage vulnerability allows a physical attacker with root privileges to retrieve TOTP secret keys from unlocked phones in Sophos Authenticator for Android version 3.4 and older, and Intercept X for Mobile (Android) before version 9.7.3495. | 3.9 |