Vulnerabilities > Missing Encryption of Sensitive Data
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-02 | CVE-2023-30602 | Missing Encryption of Sensitive Data vulnerability in Hitrontech Coda-5310 Firmware 7.2.4.7.1B3 Hitron Technologies CODA-5310’s Telnet function transfers sensitive data in plaintext. | 7.5 |
| 2023-05-31 | CVE-2023-34258 | Missing Encryption of Sensitive Data vulnerability in BMC Patrol 9.13.10.01 An issue was discovered in BMC Patrol before 22.1.00. | 7.5 |
| 2023-05-19 | CVE-2023-28045 | Missing Encryption of Sensitive Data vulnerability in Dell Cloudiq Collector Dell CloudIQ Collector version 1.10.2 contains a missing encryption of sensitive data vulnerability. | 7.1 |
| 2023-05-16 | CVE-2023-32982 | Missing Encryption of Sensitive Data vulnerability in Jenkins Ansible Jenkins Ansible Plugin 204.v8191fd551eb_f and earlier stores extra variables unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. | 4.3 |
| 2023-05-08 | CVE-2023-21404 | Missing Encryption of Sensitive Data vulnerability in Axis OS AXIS OS 11.0.X - 11.3.x use a static RSA key in legacy LUA-components to protect Axis-specific source code. | 5.3 |
| 2023-05-07 | CVE-2023-32290 | Missing Encryption of Sensitive Data vulnerability in Vk.Company Mymail The myMail app through 14.30 for iOS sends cleartext credentials in a situation where STARTTLS is expected by a server. | 7.5 |
| 2023-04-13 | CVE-2023-22948 | Missing Encryption of Sensitive Data vulnerability in Tigergraph An issue was discovered in TigerGraph Enterprise Free Edition 3.x. | 4.9 |
| 2023-04-06 | CVE-2023-0750 | Missing Encryption of Sensitive Data vulnerability in Lynx-Technik Yellobrik PEC 1864 Firmware Yellobrik PEC-1864 implements authentication checks via javascript in the frontend interface. When the device can be accessed over the network an attacker could bypass authentication. This would allow an attacker to : - Change the password, resulting in a DOS of the users - Change the streaming source, compromising the integrity of the stream - Change the streaming destination, compromising the confidentiality of the stream This issue affects Yellowbrik: PEC 1864. | 9.8 |
| 2023-04-04 | CVE-2023-28999 | Missing Encryption of Sensitive Data vulnerability in Nextcloud Desktop Nextcloud is an open-source productivity platform. | 6.4 |
| 2023-02-09 | CVE-2022-21940 | Missing Encryption of Sensitive Data vulnerability in Johnsoncontrols Metasys System Configuration Tool Sensitive Cookie in HTTPS Session Without 'Secure' Attribute vulnerability in Johnson Controls System Configuration Tool (SCT) version 14 prior to 14.2.3 and version 15 prior to 15.0.3 could allow access to the cookie. | 6.1 |