Vulnerabilities > Missing Encryption of Sensitive Data
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-10-23 | CVE-2018-16837 | Missing Encryption of Sensitive Data vulnerability in multiple products Ansible "User" module leaks any data which is passed on as a parameter to ssh-keygen. | 7.8 |
2018-10-10 | CVE-2018-17915 | Missing Encryption of Sensitive Data vulnerability in Xiongmaitech Xmeye P2P Cloud Server All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server do not encrypt all device communication. | 9.8 |
2018-09-26 | CVE-2018-1683 | Missing Encryption of Sensitive Data vulnerability in IBM Websphere Application Server IBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive information, caused by the failure to encrypt ORB communication. | 7.5 |
2018-09-19 | CVE-2018-3826 | Missing Encryption of Sensitive Data vulnerability in Elastic Elasticsearch In Elasticsearch versions 6.0.0-beta1 to 6.2.4 a disclosure flaw was found in the _snapshot API. | 6.5 |
2018-09-11 | CVE-2018-6976 | Missing Encryption of Sensitive Data vulnerability in VMWare Workspace ONE The VMware Content Locker for iOS prior to 4.14 contains a data protection vulnerability in the SQLite database. | 5.3 |
2018-09-11 | CVE-2018-6975 | Missing Encryption of Sensitive Data vulnerability in VMWare Intelligent HUB The AirWatch Agent for iOS prior to 5.8.1 contains a data protection vulnerability whereby the files and keychain entries in the Agent are not encrypted. | 5.5 |
2018-07-26 | CVE-2018-14608 | Missing Encryption of Sensitive Data vulnerability in Thomsonreuters Ultratax CS 2017 Thomson Reuters UltraTax CS 2017 on Windows has a password protection option; however, the level of protection might be inconsistent with some customers' expectations because the data is directly accessible in cleartext. | 7.5 |
2018-07-26 | CVE-2018-14607 | Missing Encryption of Sensitive Data vulnerability in Thomsonreuters Ultratax CS 2017 Thomson Reuters UltraTax CS 2017 on Windows, in a client/server configuration, transfers customer records and bank account numbers in cleartext over SMBv2, which allows attackers to (1) obtain sensitive information by sniffing the network or (2) conduct man-in-the-middle (MITM) attacks via unspecified vectors. | 7.5 |
2018-07-09 | CVE-2017-3198 | Missing Encryption of Sensitive Data vulnerability in Gigabyte Gb-Bsi7H-6500 Firmware and Gb-Bxi7-5775 Firmware GIGABYTE BRIX UEFI firmware does not cryptographically validate images prior to updating the system firmware. | 9.8 |
2018-07-03 | CVE-2018-7781 | Missing Encryption of Sensitive Data vulnerability in Schneider-Electric products In Schneider Electric Pelco Sarix Professional 1st generation cameras with firmware versions prior to 3.29.69, by sending a specially crafted request an authenticated user can view password in clear text and results in privilege escalation. | 8.8 |