Vulnerabilities > Insecure Storage of Sensitive Information
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-06 | CVE-2023-0580 | Insecure Storage of Sensitive Information vulnerability in ABB MY Control System 5.0/5.13 Insecure Storage of Sensitive Information vulnerability in ABB My Control System (on-premise) allows an attacker who successfully exploited this vulnerability to gain access to the secure application data or take control of the application. Of the services that make up the My Control System (on-premise) application, the following ones are affected by this vulnerability: User Interface System Monitoring1 Asset Inventory This issue affects My Control System (on-premise): from 5.0;0 through 5.13. | 9.8 |
| 2023-02-03 | CVE-2021-36546 | Insecure Storage of Sensitive Information vulnerability in Kitesky Kitecms 1.1 Incorrect Access Control issue discovered in KiteCMS 1.1 allows remote attackers to view sensitive information via path in application URL. | 7.5 |
| 2022-12-22 | CVE-2022-40959 | Insecure Storage of Sensitive Information vulnerability in Mozilla Thunderbird During iframe navigation, certain pages did not have their FeaturePolicy fully initialized leading to a bypass that leaked device permissions into untrusted subdocuments. | 6.5 |
| 2022-11-16 | CVE-2022-34354 | Insecure Storage of Sensitive Information vulnerability in IBM Partner Engagement Manager 6.1.2/6.2.0/6.2.1 IBM Sterling Partner Engagement Manager 2.0 allows encrypted storage of client data to be stored locally which can be read by another user on the system. | 3.3 |
| 2022-11-14 | CVE-2022-34312 | Insecure Storage of Sensitive Information vulnerability in IBM Cics TX 11.1 IBM CICS TX 11.1 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
| 2022-11-10 | CVE-2022-41876 | Insecure Storage of Sensitive Information vulnerability in Ibexa Ezplatform-Graphql ezplatform-graphql is a GraphQL server implementation for Ibexa DXP and Ibexa Open Source. | 5.3 |
| 2022-10-25 | CVE-2022-28170 | Insecure Storage of Sensitive Information vulnerability in Broadcom Fabric Operating System Brocade Fabric OS Web Application services before Brocade Fabric v9.1.0, v9.0.1e, v8.2.3c, v7.4.2j store server and user passwords in the debug statements. | 6.5 |
| 2022-09-23 | CVE-2022-41320 | Insecure Storage of Sensitive Information vulnerability in Veritas System Recovery Veritas System Recovery (VSR) versions 18 and 21 store a network destination password in the Windows registry during configuration of the backup configuration. | 6.5 |
| 2022-09-12 | CVE-2022-37835 | Insecure Storage of Sensitive Information vulnerability in Torguard VPN 4.8 Torguard VPN 4.8, has a vulnerability that allows an attacker to dump sensitive information, such as credentials and information about the server, without admin privileges. | 7.5 |
| 2022-09-07 | CVE-2022-35513 | Insecure Storage of Sensitive Information vulnerability in Blink1 Blink1Control2 The Blink1Control2 application <= 2.2.7 uses weak password encryption and an insecure method of storage. | 7.5 |