Vulnerabilities > Missing Encryption of Sensitive Data
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-01-12 | CVE-2022-23116 | Missing Encryption of Sensitive Data vulnerability in Jenkins Conjur Secrets Jenkins Conjur Secrets Plugin 1.0.9 and earlier implements functionality that allows attackers able to control agent processes to decrypt secrets stored in Jenkins obtained through another method. | 7.5 |
2022-01-10 | CVE-2020-9057 | Missing Encryption of Sensitive Data vulnerability in multiple products Z-Wave devices based on Silicon Labs 100, 200, and 300 series chipsets do not support encryption, allowing an attacker within radio range to take control of or cause a denial of service to a vulnerable device. | 8.8 |
2022-01-10 | CVE-2020-9058 | Missing Encryption of Sensitive Data vulnerability in multiple products Z-Wave devices based on Silicon Labs 500 series chipsets using CRC-16 encapsulation, including but likely not limited to the Linear LB60Z-1 version 3.5, Dome DM501 version 4.26, and Jasco ZW4201 version 4.05, do not implement encryption or replay protection. | 8.1 |
2021-12-10 | CVE-2021-37189 | Missing Encryption of Sensitive Data vulnerability in Digi products An issue was discovered on Digi TransPort Gateway devices through 5.2.13.4. | 7.5 |
2021-12-09 | CVE-2021-36189 | Missing Encryption of Sensitive Data vulnerability in Fortinet Forticlient Enterprise Management Server A missing encryption of sensitive data in Fortinet FortiClientEMS version 7.0.1 and below, version 6.4.4 and below allows attacker to information disclosure via inspecting browser decrypted data | 4.9 |
2021-12-08 | CVE-2021-37050 | Missing Encryption of Sensitive Data vulnerability in Huawei Emui, Harmonyos and Magic UI There is a Missing sensitive data encryption vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality. | 7.5 |
2021-11-15 | CVE-2021-38977 | Missing Encryption of Sensitive Data vulnerability in IBM products IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 does not set the secure attribute on authorization tokens or session cookies. | 4.3 |
2021-10-27 | CVE-2021-35236 | Missing Encryption of Sensitive Data vulnerability in Solarwinds Kiwi Syslog Server The Secure flag is not set in the SSL Cookie of Kiwi Syslog Server 9.7.2 and previous versions. | 5.3 |
2021-10-21 | CVE-2021-29883 | Missing Encryption of Sensitive Data vulnerability in IBM Transformation Extender Advanced IBM Standards Processing Engine (IBM Transformation Extender Advanced 9.0 and 10.0) does not set the secure attribute on authorization tokens or session cookies. | 4.3 |
2021-10-14 | CVE-2021-3882 | Missing Encryption of Sensitive Data vulnerability in Ledgersmb LedgerSMB does not set the 'Secure' attribute on the session authorization cookie when the client uses HTTPS and the LedgerSMB server is behind a reverse proxy. | 6.8 |