Vulnerabilities > Insecure Storage of Sensitive Information

DATE CVE VULNERABILITY TITLE RISK
2023-05-06 CVE-2022-43877 Insecure Storage of Sensitive Information vulnerability in IBM Urbancode Deploy
IBM UrbanCode Deploy (UCD) versions up to 7.3.0.1 could disclose sensitive password information during a manual edit of the agentrelay.properties file.
local
high complexity
ibm CWE-922
5.1
2023-04-06 CVE-2023-0580 Insecure Storage of Sensitive Information vulnerability in ABB MY Control System 5.0/5.13
Insecure Storage of Sensitive Information vulnerability in ABB My Control System (on-premise) allows an attacker who successfully exploited this vulnerability to gain access to the secure application data or take control of the application. Of the services that make up the My Control System (on-premise) application, the following ones are affected by this vulnerability: User Interface System Monitoring1 Asset Inventory This issue affects My Control System (on-premise): from 5.0;0 through 5.13.
network
low complexity
abb CWE-922
critical
9.8
2023-02-03 CVE-2021-36546 Insecure Storage of Sensitive Information vulnerability in Kitesky Kitecms 1.1
Incorrect Access Control issue discovered in KiteCMS 1.1 allows remote attackers to view sensitive information via path in application URL.
network
low complexity
kitesky CWE-922
7.5
2022-12-22 CVE-2022-40959 Insecure Storage of Sensitive Information vulnerability in Mozilla Thunderbird
During iframe navigation, certain pages did not have their FeaturePolicy fully initialized leading to a bypass that leaked device permissions into untrusted subdocuments.
network
low complexity
mozilla CWE-922
6.5
2022-11-16 CVE-2022-34354 Insecure Storage of Sensitive Information vulnerability in IBM Partner Engagement Manager 6.1.2/6.2.0/6.2.1
IBM Sterling Partner Engagement Manager 2.0 allows encrypted storage of client data to be stored locally which can be read by another user on the system.
local
low complexity
ibm CWE-922
3.3
2022-11-14 CVE-2022-34312 Insecure Storage of Sensitive Information vulnerability in IBM Cics TX 11.1
IBM CICS TX 11.1 allows web pages to be stored locally which can be read by another user on the system.
local
low complexity
ibm CWE-922
3.3
2022-11-10 CVE-2022-41876 Insecure Storage of Sensitive Information vulnerability in Ibexa Ezplatform-Graphql
ezplatform-graphql is a GraphQL server implementation for Ibexa DXP and Ibexa Open Source.
network
low complexity
ibexa CWE-922
5.3
2022-10-25 CVE-2022-28170 Insecure Storage of Sensitive Information vulnerability in Broadcom Fabric Operating System
Brocade Fabric OS Web Application services before Brocade Fabric v9.1.0, v9.0.1e, v8.2.3c, v7.4.2j store server and user passwords in the debug statements.
local
low complexity
broadcom CWE-922
6.5
2022-09-23 CVE-2022-41320 Insecure Storage of Sensitive Information vulnerability in Veritas System Recovery
Veritas System Recovery (VSR) versions 18 and 21 store a network destination password in the Windows registry during configuration of the backup configuration.
network
low complexity
veritas CWE-922
6.5
2022-09-12 CVE-2022-37835 Insecure Storage of Sensitive Information vulnerability in Torguard VPN 4.8
Torguard VPN 4.8, has a vulnerability that allows an attacker to dump sensitive information, such as credentials and information about the server, without admin privileges.
network
low complexity
torguard CWE-922
7.5