Vulnerabilities > Missing Encryption of Sensitive Data
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-28 | CVE-2022-26157 | Missing Encryption of Sensitive Data vulnerability in Cherwell Service Management 10.2.3 An issue was discovered in the web application in Cherwell Service Management (CSM) 10.2.3. | 5.3 |
| 2022-02-04 | CVE-2021-21963 | Missing Encryption of Sensitive Data vulnerability in Sealevel Seaconnect 370W Firmware 1.3.34 An information disclosure vulnerability exists in the Web Server functionality of Sealevel Systems, Inc. | 5.9 |
| 2022-01-17 | CVE-2022-0183 | Missing Encryption of Sensitive Data vulnerability in Kingjim Mirupass Pw10 Firmware and Mirupass Pw20 Firmware Missing encryption of sensitive data vulnerability in 'MIRUPASS' PW10 firmware all versions and 'MIRUPASS' PW20 firmware all versions allows an attacker who can physically access the device to obtain the stored passwords. | 4.6 |
| 2022-01-12 | CVE-2022-23116 | Missing Encryption of Sensitive Data vulnerability in Jenkins Conjur Secrets Jenkins Conjur Secrets Plugin 1.0.9 and earlier implements functionality that allows attackers able to control agent processes to decrypt secrets stored in Jenkins obtained through another method. | 7.5 |
| 2022-01-10 | CVE-2020-9057 | Missing Encryption of Sensitive Data vulnerability in multiple products Z-Wave devices based on Silicon Labs 100, 200, and 300 series chipsets do not support encryption, allowing an attacker within radio range to take control of or cause a denial of service to a vulnerable device. | 8.8 |
| 2022-01-10 | CVE-2020-9058 | Missing Encryption of Sensitive Data vulnerability in multiple products Z-Wave devices based on Silicon Labs 500 series chipsets using CRC-16 encapsulation, including but likely not limited to the Linear LB60Z-1 version 3.5, Dome DM501 version 4.26, and Jasco ZW4201 version 4.05, do not implement encryption or replay protection. | 8.1 |
| 2021-12-10 | CVE-2021-37189 | Missing Encryption of Sensitive Data vulnerability in Digi products An issue was discovered on Digi TransPort Gateway devices through 5.2.13.4. | 7.5 |
| 2021-12-09 | CVE-2021-36189 | Missing Encryption of Sensitive Data vulnerability in Fortinet Forticlient Enterprise Management Server A missing encryption of sensitive data in Fortinet FortiClientEMS version 7.0.1 and below, version 6.4.4 and below allows attacker to information disclosure via inspecting browser decrypted data | 4.9 |
| 2021-12-08 | CVE-2021-37050 | Missing Encryption of Sensitive Data vulnerability in Huawei Emui, Harmonyos and Magic UI There is a Missing sensitive data encryption vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality. | 7.5 |
| 2021-11-15 | CVE-2021-38977 | Missing Encryption of Sensitive Data vulnerability in IBM products IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 does not set the secure attribute on authorization tokens or session cookies. | 4.3 |