Vulnerabilities > Missing Encryption of Sensitive Data
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-26 | CVE-2023-41095 | Missing Encryption of Sensitive Data vulnerability in Silabs Openthread SDK 2.3.0.0/2.3.1.0 Missing Encryption of Security Keys vulnerability in Silicon Labs OpenThread SDK on 32 bit, ARM (SecureVault High modules) allows potential modification or extraction of network credentials stored in flash. This issue affects Silicon Labs OpenThread SDK: 2.3.1 and earlier. | 9.1 |
| 2023-10-26 | CVE-2023-41096 | Missing Encryption of Sensitive Data vulnerability in Silabs Emberznet SDK 7.3.0.0/7.3.1.0 Missing Encryption of Security Keys vulnerability in Silicon Labs Ember ZNet SDK on 32 bit, ARM (SecureVault High modules) allows potential modification or extraction of network credentials stored in flash. This issue affects Silicon Labs Ember ZNet SDK: 7.3.1 and earlier. | 6.1 |
| 2023-10-17 | CVE-2022-22386 | Missing Encryption of Sensitive Data vulnerability in IBM Security Verify Privilege On-Premises IBM Security Verify Privilege On-Premises 11.5 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | 5.9 |
| 2023-10-17 | CVE-2022-22377 | Missing Encryption of Sensitive Data vulnerability in IBM Security Verify Privilege On-Premises IBM Security Verify Privilege On-Premises 11.5 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | 5.3 |
| 2023-10-14 | CVE-2022-33161 | Missing Encryption of Sensitive Data vulnerability in IBM products IBM Security Directory Server 6.4.0 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | 5.9 |
| 2023-09-20 | CVE-2023-43618 | Missing Encryption of Sensitive Data vulnerability in Schollz Croc An issue was discovered in Croc through 9.6.5. | 5.3 |
| 2023-09-11 | CVE-2023-4580 | Missing Encryption of Sensitive Data vulnerability in Mozilla Thunderbird Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information. | 6.5 |
| 2023-09-08 | CVE-2022-22401 | Missing Encryption of Sensitive Data vulnerability in IBM Aspera Faspex 4.4.1/5.0.0 IBM Aspera Faspex 5.0.5 could allow a remote attacker to gather or persuade a naive user to supply sensitive information. | 7.5 |
| 2023-09-08 | CVE-2022-22405 | Missing Encryption of Sensitive Data vulnerability in IBM Aspera Faspex 4.4.1/5.0.0 IBM Aspera Faspex 5.0.5 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | 5.9 |
| 2023-08-31 | CVE-2023-33833 | Missing Encryption of Sensitive Data vulnerability in IBM Security Verify Information Queue 10.0.4/10.0.5 IBM Security Verify Information Queue 10.0.4 and 10.0.5 stores sensitive information in plain clear text which can be read by a local user. | 3.3 |