Vulnerabilities > Missing Encryption of Sensitive Data
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-31 | CVE-2020-25842 | Missing Encryption of Sensitive Data vulnerability in Panorama Nhiservisignadapter 1.0.20.0218 The encryption function of NHIServiSignAdapter fail to verify the file path input by users. | 7.5 |
| 2020-12-15 | CVE-2020-27055 | Missing Encryption of Sensitive Data vulnerability in Google Android 11.0 In isSubmittable and showWarningMessagesIfAppropriate of WifiConfigController.java and WifiConfigController2.java, there is a possible insecure WiFi configuration due to improper input validation. | 7.5 |
| 2020-12-11 | CVE-2020-28217 | Missing Encryption of Sensitive Data vulnerability in Schneider-Electric Easergy T300 Firmware 1.5.2/2.7 A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Easergy T300 (firmware 2.7 and older), that would allow an attacker to read network traffic over HTTP protocol. | 7.5 |
| 2020-12-11 | CVE-2020-28216 | Missing Encryption of Sensitive Data vulnerability in Schneider-Electric Easergy T300 Firmware 1.5.2/2.7 A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Easergy T300 (firmware 2.7 and older), that would allow an attacker to read network traffic over HTTP protocol. | 7.5 |
| 2020-12-01 | CVE-2020-4126 | Missing Encryption of Sensitive Data vulnerability in Hcltech HCL Inotes HCL iNotes is susceptible to a sensitive cookie exposure vulnerability. | 5.9 |
| 2020-11-19 | CVE-2020-7567 | Missing Encryption of Sensitive Data vulnerability in Schneider-Electric Modicon M221 Firmware A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Modicon M221 (all references, all versions) that could allow the attacker to find the password hash when the attacker has captured the traffic between EcoStruxure Machine - Basic software and Modicon M221 controller and broke the encryption keys. | 5.7 |
| 2020-11-09 | CVE-2020-8150 | Missing Encryption of Sensitive Data vulnerability in Nextcloud Server A cryptographic issue in Nextcloud Server 19.0.1 allowed an attacker to downgrade the encryption scheme and break the integrity of encrypted files. | 4.1 |
| 2020-11-02 | CVE-2020-8173 | Missing Encryption of Sensitive Data vulnerability in Nextcloud Server A too small set of random characters being used for encryption in Nextcloud Server 18.0.4 allowed decryption in shorter time than intended. | 2.2 |
| 2020-10-29 | CVE-2020-27651 | Missing Encryption of Sensitive Data vulnerability in Synology Router Manager Synology Router Manager (SRM) before 1.2.4-8081 does not set the Secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session. | 8.1 |
| 2020-10-29 | CVE-2020-27650 | Missing Encryption of Sensitive Data vulnerability in Synology Diskstation Manager and Skynas Firmware Synology DiskStation Manager (DSM) before 6.2.3-25426-2 does not set the Secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session. | 3.7 |