Total
532 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-2723 | 1 Huawei | 1 Files | 2019-10-03 | 2.1 LOW | 6.7 MEDIUM |
| The Files APP 7.1.1.308 and earlier versions in some Huawei mobile phones has a vulnerability of plaintext storage of users' Safe passwords. An attacker with the root privilege of an Android system could forge the Safe to read users' plaintext Safe passwords, leading to information leak. | |||||
| CVE-2018-19279 | 2 Microsoft, Primx | 2 Windows, Zonecentral | 2019-10-03 | 2.1 LOW | 4.3 MEDIUM |
| PRIMX ZoneCentral before 6.1.2236 on Windows sometimes leaks the plaintext of NTFS files. On non-SSD devices, this is limited to a 5-second window and file sizes less than 600 bytes. The effect on SSD devices may be greater. | |||||
| CVE-2018-9065 | 1 Lenovo | 1 Xclarity Administrator | 2019-10-03 | 3.5 LOW | 7.5 HIGH |
| In Lenovo xClarity Administrator versions earlier than 2.1.0, an attacker that gains access to the underlying LXCA file system user may be able to retrieve a credential store containing the service processor user names and passwords for servers previously managed by that LXCA instance, and potentially decrypt those credentials more easily than intended. | |||||
| CVE-2018-11242 | 1 Makemytrip | 1 Makemytrip | 2019-10-03 | 4.0 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in the MakeMyTrip application 7.2.4 for Android. The databases (locally stored) are not encrypted and have cleartext that might lead to sensitive information disclosure, as demonstrated by data/com.makemytrip/databases and data/com.makemytrip/Cache SQLite database files. | |||||
| CVE-2018-18641 | 1 Gitlab | 1 Gitlab | 2019-10-03 | 5.0 MEDIUM | 9.8 CRITICAL |
| An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It has Cleartext Storage of Sensitive Information. | |||||
| CVE-2017-14990 | 2 Debian, Wordpress | 2 Debian Linux, Wordpress | 2019-10-03 | 4.0 MEDIUM | 6.5 MEDIUM |
| WordPress 4.8.2 stores cleartext wp_signups.activation_key values (but stores the analogous wp_users.user_activation_key values as hashes), which might make it easier for remote attackers to hijack unactivated user accounts by leveraging database read access (such as access gained through an unspecified SQL injection vulnerability). | |||||
| CVE-2018-10812 | 1 Bitpie | 1 Bitcoin Wallet | 2019-10-03 | 1.9 LOW | 4.1 MEDIUM |
| The Bitpie application through 3.2.4 for Android and iOS uses cleartext storage for digital currency initial keys, which allows local users to steal currency by leveraging root access to read /com.biepie/shared_prefs/com.bitpie_preferences.xml (on Android) or a plist file in the app data folder (on iOS). | |||||
| CVE-2017-1309 | 1 Ibm | 1 Infosphere Master Data Management Server | 2019-10-03 | 2.1 LOW | 7.8 HIGH |
| IBM InfoSphere Master Data Management Server 11.0 - 11.6 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 125463. | |||||
| CVE-2018-18394 | 1 Moxa | 1 Thingspro | 2019-10-03 | 5.0 MEDIUM | 9.8 CRITICAL |
| Sensitive Information Stored in Clear Text in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1. | |||||
| CVE-2018-8947 | 1 Laravel Log Viewer Project | 1 Laravel Log Viewer | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| rap2hpoutre Laravel Log Viewer before v0.13.0 relies on Base64 encoding for l, dl, and del requests, which makes it easier for remote attackers to bypass intended access restrictions, as demonstrated by reading arbitrary files via a dl request. | |||||
| CVE-2017-13663 | 1 Ismartalarm | 2 Cubeone, Cubeone Firmware | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| Encryption key exposure in firmware in iSmartAlarm CubeOne version 2.2.4.8 and earlier allows attackers to decrypt log files via an exposed key. | |||||
| CVE-2016-8366 | 1 Phoenixcontact | 2 Ilc Plcs, Ilc Plcs Firmware | 2018-10-13 | 5.0 MEDIUM | 7.3 HIGH |
| Webvisit in Phoenix Contact ILC PLCs offers a password macro to protect HMI pages on the PLC against casual or coincidental opening of HMI pages by the user. The password macro can be configured in a way that the password is stored and transferred in clear text. | |||||