Weaknesses of type CWE-319
488 resultsCVE-2022-45480MEDIUMPC Keyboard WiFi & Bluetooth allows an attacker (in a man-in-the-middle position between the server and a connected device) to see all data EPSS 0.4%CVE-2019-5635MEDIUMHickory Smart Lock Cleartext PasswordEPSS 0.4%CVE-2023-50614HIGHAn issue discovereed in EBYTE E880-IR01-V1.1 allows an attacker to obtain sensitive information via crafted POST request to /cgi-bin/luci.EPSS 0.4%CVE-2022-21951MEDIUMRancher: Weave CNI password is not set if RKE template is used with CNI value overriddenEPSS 0.4%CVE-2021-3494—A smart proxy that provides a restful API to various sub-systems of the Foreman is affected by the flaw which can cause a Man-in-the-Middle EPSS 0.4%CVE-2023-22806HIGHCVE-2023-22806EPSS 0.4%CVE-2023-53875HIGHGOM Player 2.3.90.5360 Remote Code Execution via Insecure IE ComponentEPSS 0.4%CVE-2024-0220HIGHB&R products use insufficient communication encryptionEPSS 0.4%CVE-2022-22758HIGHWhen clicking on a tel: link, USSD codes, specified after a <code>\*</code> character, would be included in the phone number. On certain phoEPSS 0.4%CVE-2024-31840MEDIUMAn issue was discovered in Italtel Embrace 1.6.4. The web application inserts cleartext passwords in the HTML source code. An authenticated EPSS 0.4%CVE-2023-31300HIGHAn issue was discovered in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows remote attackers to obtain sensitivEPSS 0.4%CVE-2023-38276MEDIUMIBM Cognos Dashboards information disclosureEPSS 0.4%CVE-2023-38275MEDIUMIBM Cognos Dashboards information disclosureEPSS 0.4%CVE-2023-22863MEDIUMIBM Robotic Process Automation information disclosureEPSS 0.4%CVE-2022-32906MEDIUMThis issue was addressed with using HTTPS when sending information over the network. This issue is fixed in Apple Music 3.9.10 for Android. EPSS 0.4%CVE-2019-18248—BIOTRONIK CardioMessenger II, The affected products transmit credentials in clear-text prior to switching to an encrypted communication chanEPSS 0.4%CVE-2023-5100MEDIUM
Cleartext Transmission of Sensitive Information in RDT400 in SICK APU allows an
unprivileged remote attacker to retrieve potentially sensitEPSS 0.4%CVE-2023-1656HIGHWhen the LDAP connector is started with StartTLS configured, LDAP BIND credentials are transmitted insecurely, prior to establishing the TLS connection.EPSS 0.3%CVE-2024-47789HIGHCredential Leakage VulnerabilityEPSS 0.3%CVE-2025-8741MEDIUMmacrozheng mall login cleartext transmissionEPSS 0.3%