Vulnerabilities > Missing Encryption of Sensitive Data
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-16 | CVE-2020-29024 | Missing Encryption of Sensitive Data vulnerability in Secomea products Sensitive Cookie in HTTPS Session Without 'Secure' Attribute vulnerability in (GTA) GoToAppliance of Secomea GateManager could allow an attacker to gain access to sensitive cookies. | 5.3 |
| 2021-01-14 | CVE-2020-26732 | Missing Encryption of Sensitive Data vulnerability in Skyworth Gn542Vf BOA Firmware 0.94.13 SKYWORTH GN542VF Hardware Version 2.0 and Software Version 2.0.0.16 does not set the Secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session. | 7.5 |
| 2020-12-31 | CVE-2020-25842 | Missing Encryption of Sensitive Data vulnerability in Panorama Nhiservisignadapter 1.0.20.0218 The encryption function of NHIServiSignAdapter fail to verify the file path input by users. | 7.5 |
| 2020-12-15 | CVE-2020-27055 | Missing Encryption of Sensitive Data vulnerability in Google Android 11.0 In isSubmittable and showWarningMessagesIfAppropriate of WifiConfigController.java and WifiConfigController2.java, there is a possible insecure WiFi configuration due to improper input validation. | 7.5 |
| 2020-12-01 | CVE-2020-4126 | Missing Encryption of Sensitive Data vulnerability in Hcltech HCL Inotes HCL iNotes is susceptible to a sensitive cookie exposure vulnerability. | 5.9 |
| 2020-11-09 | CVE-2020-8150 | Missing Encryption of Sensitive Data vulnerability in Nextcloud Server A cryptographic issue in Nextcloud Server 19.0.1 allowed an attacker to downgrade the encryption scheme and break the integrity of encrypted files. | 4.1 |
| 2020-11-02 | CVE-2020-8173 | Missing Encryption of Sensitive Data vulnerability in Nextcloud Server A too small set of random characters being used for encryption in Nextcloud Server 18.0.4 allowed decryption in shorter time than intended. | 2.2 |
| 2020-10-29 | CVE-2020-27651 | Missing Encryption of Sensitive Data vulnerability in Synology Router Manager Synology Router Manager (SRM) before 1.2.4-8081 does not set the Secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session. | 8.1 |
| 2020-10-29 | CVE-2020-27650 | Missing Encryption of Sensitive Data vulnerability in Synology Diskstation Manager and Skynas Firmware Synology DiskStation Manager (DSM) before 6.2.3-25426-2 does not set the Secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session. | 3.7 |
| 2020-10-27 | CVE-2020-9774 | Missing Encryption of Sensitive Data vulnerability in Apple mac OS X An issue existed with Siri Suggestions access to encrypted data. | 7.5 |