Vulnerabilities > Missing Encryption of Sensitive Data
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-25 | CVE-2018-8864 | Missing Encryption of Sensitive Data vulnerability in Atisystem products In ATI Systems Emergency Mass Notification Systems (HPSS16, HPSS32, MHPSS, and ALERT4000) devices, a missing encryption of sensitive data vulnerability caused by specially crafted malicious radio transmissions may allow an attacker to remotely trigger false alarms. | 3.1 |
| 2018-05-25 | CVE-2018-6674 | Missing Encryption of Sensitive Data vulnerability in Mcafee Virusscan Enterprise 8.8.0 Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 13 allows local users to spawn unrelated processes with elevated privileges via the system administrator granting McTray.exe elevated privileges (by default it runs with the current user's privileges). | 3.9 |
| 2018-05-18 | CVE-2018-8849 | Missing Encryption of Sensitive Data vulnerability in Medtronic N'Vision 8840 Firmware and N'Vision 8870 Firmware Medtronic N'Vision Clinician Programmer 8840 N'Vision Clinician Programmer, all versions, and 8870 N'Vision removable Application Card, all versions does not encrypt PII and PHI while at rest. | 4.6 |
| 2018-05-15 | CVE-2018-10825 | Missing Encryption of Sensitive Data vulnerability in Mimobaby Mimo Baby 2 Firmware Mimo Baby 2 devices do not use authentication or encryption for the Bluetooth Low Energy (BLE) communication from a Turtle to a Lilypad, which allows attackers to inject fake information about the position and temperature of a baby via a replay or spoofing attack. | 5.3 |
| 2018-05-01 | CVE-2017-14012 | Missing Encryption of Sensitive Data vulnerability in Bostonscientific Zoom Latitude PRM 3120 Firmware Boston Scientific ZOOM LATITUDE PRM Model 3120 does not encrypt PHI at rest. | 4.6 |
| 2018-04-23 | CVE-2018-4847 | Missing Encryption of Sensitive Data vulnerability in Siemens Simatic Wincc OA Operator A vulnerability has been identified in SIMATIC WinCC OA Operator iOS App (All versions < V1.4). | 4.6 |
| 2018-03-28 | CVE-2018-7498 | Missing Encryption of Sensitive Data vulnerability in Philips Alice 6 Firmware R8.0.2 In Philips Alice 6 System version R8.0.2 or prior, the lack of proper data encryption passes up the guarantees of confidentiality, integrity, and accountability that properly implemented encryption conveys. | 9.8 |
| 2018-02-22 | CVE-2017-5251 | Missing Encryption of Sensitive Data vulnerability in Insteon HUB Firmware In version 1012 and prior of Insteon's Insteon Hub, the radio transmissions used for communication between the hub and connected devices are not encrypted. | 8.1 |
| 2018-02-07 | CVE-2017-15397 | Missing Encryption of Sensitive Data vulnerability in Google Chrome OS Inappropriate implementation in ChromeVox in Google Chrome OS prior to 62.0.3202.74 allowed a remote attacker in a privileged network position to observe or tamper with certain cleartext HTTP requests by leveraging that position. | 7.4 |
| 2018-02-02 | CVE-2018-5261 | Missing Encryption of Sensitive Data vulnerability in Flexense Diskboss An issue was discovered in Flexense DiskBoss 8.8.16 and earlier. | 8.1 |