Vulnerabilities > Missing Encryption of Sensitive Data
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-07 | CVE-2015-3207 | Missing Encryption of Sensitive Data vulnerability in Openshift Origin 3.0.0 In Openshift Origin 3 the cookies being set in console have no 'secure', 'HttpOnly' attributes. | 5.3 |
| 2022-06-29 | CVE-2021-40642 | Missing Encryption of Sensitive Data vulnerability in Textpattern Textpattern CMS v4.8.7 and older vulnerability exists through Sensitive Cookie in HTTPS Session Without 'Secure' Attribute via textpattern/lib/txplib_misc.php. | 4.3 |
| 2022-06-14 | CVE-2021-40650 | Missing Encryption of Sensitive Data vulnerability in Softwareag Connx 6.2.0.1269 In Connx Version 6.2.0.1269 (20210623), a cookie can be issued by the application and not have the secure flag set. | 6.5 |
| 2022-05-25 | CVE-2021-27779 | Missing Encryption of Sensitive Data vulnerability in Hcltech Versionvault Express 2.0.1 VersionVault Express exposes sensitive information that an attacker can use to impersonate the server or eavesdrop on communications with the server. | 9.1 |
| 2022-05-25 | CVE-2021-27783 | Missing Encryption of Sensitive Data vulnerability in Hcltech Bigfix Mobile and Bigfix Modern Client Management User generated PPKG file for Bulk Enroll may have unencrypted sensitive information exposed. | 6.5 |
| 2022-05-20 | CVE-2022-24045 | Missing Encryption of Sensitive Data vulnerability in Siemens products A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). | 6.5 |
| 2022-03-16 | CVE-2022-27225 | Missing Encryption of Sensitive Data vulnerability in Gradle Enterprise Gradle Enterprise before 2021.4.3 relies on cleartext data transmission in some situations. | 6.5 |
| 2022-02-28 | CVE-2022-26157 | Missing Encryption of Sensitive Data vulnerability in Cherwell Service Management 10.2.3 An issue was discovered in the web application in Cherwell Service Management (CSM) 10.2.3. | 5.3 |
| 2022-02-04 | CVE-2021-21963 | Missing Encryption of Sensitive Data vulnerability in Sealevel Seaconnect 370W Firmware 1.3.34 An information disclosure vulnerability exists in the Web Server functionality of Sealevel Systems, Inc. | 5.9 |
| 2022-01-17 | CVE-2022-0183 | Missing Encryption of Sensitive Data vulnerability in Kingjim Mirupass Pw10 Firmware and Mirupass Pw20 Firmware Missing encryption of sensitive data vulnerability in 'MIRUPASS' PW10 firmware all versions and 'MIRUPASS' PW20 firmware all versions allows an attacker who can physically access the device to obtain the stored passwords. | 4.6 |