Vulnerabilities > Missing Encryption of Sensitive Data
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-25 | CVE-2011-3355 | Missing Encryption of Sensitive Data vulnerability in Gnome Evolution-Data-Server3 3.0.3/3.2.1 evolution-data-server3 3.0.3 through 3.2.1 used insecure (non-SSL) connection when attempting to store sent email messages into the Sent folder, when the Sent folder was located on the remote server. | 7.3 |
| 2019-11-21 | CVE-2019-15704 | Missing Encryption of Sensitive Data vulnerability in Fortinet Forticlient A clear text storage of sensitive information vulnerability in FortiClient for Mac may allow a local attacker to read sensitive information logged in the console window when the user connects to an SSL VPN Gateway. | 5.5 |
| 2019-11-14 | CVE-2019-18980 | Missing Encryption of Sensitive Data vulnerability in Philips Taolight Smart Wi-Fi WIZ Connected LED Bulb 9290022656 Firmware On Signify Philips Taolight Smart Wi-Fi Wiz Connected LED Bulb 9290022656 devices, an unprotected API lets remote users control the bulb's operation. | 7.5 |
| 2019-11-12 | CVE-2010-3299 | Missing Encryption of Sensitive Data vulnerability in multiple products The encrypt/decrypt functions in Ruby on Rails 2.3 are vulnerable to padding oracle attacks. | 6.5 |
| 2019-11-12 | CVE-2010-3292 | Missing Encryption of Sensitive Data vulnerability in Mailscanner 4.79.112 The update{_bad,}_phishing_sites scripts in mailscanner 4.79.11-2 downloads files and trusts them without using encryption (e.g., https) or digital signature checking which could allow an attacker to replace certain configuration files (e.g., phishing whitelist) via dns/packet spoofing. | 5.5 |
| 2019-11-08 | CVE-2019-16210 | Missing Encryption of Sensitive Data vulnerability in Broadcom Brocade Sannav 1.1.0/1.1.1 Brocade SANnav versions before v2.0, logs plain text database connection password while triggering support save. | 5.5 |
| 2019-11-08 | CVE-2019-16206 | Missing Encryption of Sensitive Data vulnerability in Broadcom Brocade Sannav 1.1.0/1.1.1 The authentication mechanism, in Brocade SANnav versions before v2.0, logs plaintext account credentials at the ‘trace’ and the 'debug' logging level; which could allow a local authenticated attacker to access sensitive information. | 5.5 |
| 2019-09-17 | CVE-2019-4171 | Missing Encryption of Sensitive Data vulnerability in IBM Cognos Controller IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, and 10.4.1 does not set the secure attribute on authorization tokens or session cookies. | 3.7 |
| 2019-09-17 | CVE-2019-9681 | Missing Encryption of Sensitive Data vulnerability in Dahuasecurity products Online upgrade information in some firmware packages of Dahua products is not encrypted. | 5.3 |
| 2019-09-13 | CVE-2019-13922 | Missing Encryption of Sensitive Data vulnerability in Siemens Sinema Remote Connect Server A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). | 2.7 |