Vulnerabilities > Missing Encryption of Sensitive Data

DATE CVE VULNERABILITY TITLE RISK
2023-08-15 CVE-2023-39843 Missing Encryption of Sensitive Data vulnerability in Sulimet 5-In-1 Smart Door Lock Firmware 1.0
Missing encryption in the RFID tag of Suleve 5-in-1 Smart Door Lock v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device.
low complexity
sulimet CWE-311
2.4
2023-07-13 CVE-2023-30561 Missing Encryption of Sensitive Data vulnerability in BD Alaris 8015 PCU Firmware 12.1.3/9.33.1
The data flowing between the PCU and its modules is insecure.
low complexity
bd CWE-311
6.1
2023-07-13 CVE-2023-31819 Missing Encryption of Sensitive Data vulnerability in Livre Keisei Store 13.6.1
An issue found in KEISEI STORE Co, Ltd.
network
low complexity
livre CWE-311
7.5
2023-07-13 CVE-2023-31820 Missing Encryption of Sensitive Data vulnerability in Shizutetsu Store 13.6.1
An issue found in Shizutetsu Store v.13.6.1 allows a remote attacker to gain access to sensitive information via the channel access token in the miniapp function.
network
low complexity
shizutetsu CWE-311
7.5
2023-07-13 CVE-2023-31822 Missing Encryption of Sensitive Data vulnerability in Entetsu Store 13.4.1
An issue found in Entetsu Store v.13.4.1 allows a remote attacker to gain access to sensitive information via the channel access token in the miniapp Entetsu Store function.
network
low complexity
entetsu CWE-311
7.5
2023-07-13 CVE-2023-31825 Missing Encryption of Sensitive Data vulnerability in Inageya 13.4.1
An issue found in Inageya v.13.4.1 allows a remote attacker to gain access to sensitive information via the channel access token in the miniapp Inageya function.
network
low complexity
inageya CWE-311
7.5
2023-07-12 CVE-2023-37943 Missing Encryption of Sensitive Data vulnerability in Jenkins Active Directory
Jenkins Active Directory Plugin 2.30 and earlier ignores the "Require TLS" and "StartTls" options and always performs the connection test to Active directory unencrypted, allowing attackers able to capture network traffic between the Jenkins controller and Active Directory servers to obtain Active Directory credentials.
network
high complexity
jenkins CWE-311
5.9
2023-07-07 CVE-2023-37192 Missing Encryption of Sensitive Data vulnerability in Bitcoin Core 22.0
Memory management and protection issues in Bitcoin Core v22 allows attackers to modify the stored sending address within the app's memory, potentially allowing them to redirect Bitcoin transactions to wallets of their own choosing.
network
low complexity
bitcoin CWE-311
7.5
2023-06-07 CVE-2023-33849 Missing Encryption of Sensitive Data vulnerability in IBM Cics TX and Txseries for Multiplatforms
IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 could transmit sensitive information in query parameters that could be intercepted using man in the middle techniques.
network
high complexity
ibm CWE-311
3.7
2023-05-31 CVE-2023-34258 Missing Encryption of Sensitive Data vulnerability in BMC Patrol 9.13.10.01
An issue was discovered in BMC Patrol before 22.1.00.
network
low complexity
bmc CWE-311
7.5