Vulnerabilities > Missing Encryption of Sensitive Data
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-19 | CVE-2018-3826 | Missing Encryption of Sensitive Data vulnerability in Elastic Elasticsearch In Elasticsearch versions 6.0.0-beta1 to 6.2.4 a disclosure flaw was found in the _snapshot API. | 6.5 |
| 2018-09-11 | CVE-2018-6976 | Missing Encryption of Sensitive Data vulnerability in VMWare Workspace ONE The VMware Content Locker for iOS prior to 4.14 contains a data protection vulnerability in the SQLite database. | 5.3 |
| 2018-09-11 | CVE-2018-6975 | Missing Encryption of Sensitive Data vulnerability in VMWare Intelligent HUB The AirWatch Agent for iOS prior to 5.8.1 contains a data protection vulnerability whereby the files and keychain entries in the Agent are not encrypted. | 5.5 |
| 2018-07-26 | CVE-2018-14608 | Missing Encryption of Sensitive Data vulnerability in Thomsonreuters Ultratax CS 2017 Thomson Reuters UltraTax CS 2017 on Windows has a password protection option; however, the level of protection might be inconsistent with some customers' expectations because the data is directly accessible in cleartext. | 7.5 |
| 2018-07-26 | CVE-2018-14607 | Missing Encryption of Sensitive Data vulnerability in Thomsonreuters Ultratax CS 2017 Thomson Reuters UltraTax CS 2017 on Windows, in a client/server configuration, transfers customer records and bank account numbers in cleartext over SMBv2, which allows attackers to (1) obtain sensitive information by sniffing the network or (2) conduct man-in-the-middle (MITM) attacks via unspecified vectors. | 7.5 |
| 2018-07-13 | CVE-2018-10631 | Missing Encryption of Sensitive Data vulnerability in Medtronic N'Vision 8840 Firmware and N'Vision 8870 Firmware Medtronic N'Vision Clinician Programmer 8840 N'Vision Clinician Programmer and 8870 N'Vision removable application card does not encrypt PII and PHI while at rest. | 6.8 |
| 2018-07-09 | CVE-2017-3198 | Missing Encryption of Sensitive Data vulnerability in Gigabyte Gb-Bsi7H-6500 Firmware and Gb-Bxi7-5775 Firmware GIGABYTE BRIX UEFI firmware does not cryptographically validate images prior to updating the system firmware. | 9.8 |
| 2018-07-03 | CVE-2018-7781 | Missing Encryption of Sensitive Data vulnerability in Schneider-Electric products In Schneider Electric Pelco Sarix Professional 1st generation cameras with firmware versions prior to 3.29.69, by sending a specially crafted request an authenticated user can view password in clear text and results in privilege escalation. | 8.8 |
| 2018-07-03 | CVE-2018-4855 | Missing Encryption of Sensitive Data vulnerability in Siemens Siclock Tc100 Firmware and Siclock Tc400 Firmware A vulnerability has been identified in SICLOCK TC100 (All versions) and SICLOCK TC400 (All versions). | 6.5 |
| 2018-06-11 | CVE-2018-5185 | Missing Encryption of Sensitive Data vulnerability in multiple products Plaintext of decrypted emails can leak through by user submitting an embedded form. | 6.5 |