Vulnerabilities > Missing Encryption of Sensitive Data
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-25 | CVE-2021-27783 | Missing Encryption of Sensitive Data vulnerability in Hcltech Bigfix Mobile and Bigfix Modern Client Management User generated PPKG file for Bulk Enroll may have unencrypted sensitive information exposed. | 6.5 |
| 2022-05-20 | CVE-2022-24045 | Missing Encryption of Sensitive Data vulnerability in Siemens products A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). | 6.5 |
| 2022-03-16 | CVE-2022-27225 | Missing Encryption of Sensitive Data vulnerability in Gradle Enterprise Gradle Enterprise before 2021.4.3 relies on cleartext data transmission in some situations. | 6.5 |
| 2022-02-28 | CVE-2022-26157 | Missing Encryption of Sensitive Data vulnerability in Cherwell Service Management 10.2.3 An issue was discovered in the web application in Cherwell Service Management (CSM) 10.2.3. | 5.3 |
| 2022-02-04 | CVE-2021-21963 | Missing Encryption of Sensitive Data vulnerability in Sealevel Seaconnect 370W Firmware 1.3.34 An information disclosure vulnerability exists in the Web Server functionality of Sealevel Systems, Inc. | 5.9 |
| 2022-01-17 | CVE-2022-0183 | Missing Encryption of Sensitive Data vulnerability in Kingjim Mirupass Pw10 Firmware and Mirupass Pw20 Firmware Missing encryption of sensitive data vulnerability in 'MIRUPASS' PW10 firmware all versions and 'MIRUPASS' PW20 firmware all versions allows an attacker who can physically access the device to obtain the stored passwords. | 4.6 |
| 2022-01-12 | CVE-2022-23116 | Missing Encryption of Sensitive Data vulnerability in Jenkins Conjur Secrets Jenkins Conjur Secrets Plugin 1.0.9 and earlier implements functionality that allows attackers able to control agent processes to decrypt secrets stored in Jenkins obtained through another method. | 7.5 |
| 2022-01-10 | CVE-2020-9057 | Missing Encryption of Sensitive Data vulnerability in multiple products Z-Wave devices based on Silicon Labs 100, 200, and 300 series chipsets do not support encryption, allowing an attacker within radio range to take control of or cause a denial of service to a vulnerable device. | 8.8 |
| 2022-01-10 | CVE-2020-9058 | Missing Encryption of Sensitive Data vulnerability in multiple products Z-Wave devices based on Silicon Labs 500 series chipsets using CRC-16 encapsulation, including but likely not limited to the Linear LB60Z-1 version 3.5, Dome DM501 version 4.26, and Jasco ZW4201 version 4.05, do not implement encryption or replay protection. | 8.1 |
| 2021-12-10 | CVE-2021-37189 | Missing Encryption of Sensitive Data vulnerability in Digi products An issue was discovered on Digi TransPort Gateway devices through 5.2.13.4. | 7.5 |