Vulnerabilities > Missing Encryption of Sensitive Data

DATE CVE VULNERABILITY TITLE RISK
2024-10-10 CVE-2024-47871 Missing Encryption of Sensitive Data vulnerability in Gradio Project Gradio
Gradio is an open-source Python package designed for quick prototyping.
network
low complexity
gradio-project CWE-311
critical
9.1
2024-10-02 CVE-2024-20515 Missing Encryption of Sensitive Data vulnerability in Cisco Identity Services Engine
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information from an affected device. This vulnerability is due to a lack of proper data protection mechanisms for certain configuration settings.
network
low complexity
cisco CWE-311
6.5
2024-09-26 CVE-2023-52948 Missing Encryption of Sensitive Data vulnerability in Synology Active Backup for Business Agent
Missing encryption of sensitive data vulnerability in settings functionality in Synology Active Backup for Business Agent before 2.7.0-3221 allows local users to obtain user credential via unspecified vectors.
local
low complexity
synology CWE-311
5.0
2024-09-26 CVE-2023-52950 Missing Encryption of Sensitive Data vulnerability in Synology Active Backup for Business Agent
Missing encryption of sensitive data vulnerability in login component in Synology Active Backup for Business Agent before 2.7.0-3221 allows adjacent man-in-the-middle attackers to obtain user credential via unspecified vectors.
high complexity
synology CWE-311
5.3
2024-09-04 CVE-2024-20503 Missing Encryption of Sensitive Data vulnerability in Cisco DUO Authentication for Epic
A vulnerability in Cisco Duo Epic for Hyperdrive could allow an authenticated, local attacker to view sensitive information in cleartext on an affected system. This vulnerability is due to improper storage of an unencrypted registry key.
local
low complexity
cisco CWE-311
5.5
2024-08-22 CVE-2024-39746 Missing Encryption of Sensitive Data vulnerability in IBM Sterling Connect Direct web Services
IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security.
network
high complexity
ibm CWE-311
5.9
2024-08-19 CVE-2024-42657 Missing Encryption of Sensitive Data vulnerability in Nepstech Ntpl-Xpon1Gfevn Firmware 1.0
An issue in wishnet Nepstech Wifi Router NTPL-XPON1GFEVN v1.0 allows a remote attacker to obtain sensitive information via the lack of encryption during login process
network
low complexity
nepstech CWE-311
7.5
2024-08-15 CVE-2024-31905 Missing Encryption of Sensitive Data vulnerability in IBM Qradar Network Packet Capture 7.5.0
IBM QRadar Network Packet Capture 7.5 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security.
network
high complexity
ibm CWE-311
5.9
2024-06-05 CVE-2023-49927 Missing Encryption of Sensitive Data vulnerability in Samsung products
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos Modem 5123, Exynos Modem 5300.
network
low complexity
samsung CWE-311
5.3
2024-02-05 CVE-2024-24768 Missing Encryption of Sensitive Data vulnerability in Fit2Cloud 1Panel 1.9.5
1Panel is an open source Linux server operation and maintenance management panel.
network
low complexity
fit2cloud CWE-311
7.5