Weaknesses of type CWE-319
488 resultsCVE-2025-44251HIGHEcovacs Deebot T10 1.7.2 transmits Wi-Fi credentials in cleartext during the pairing process.EPSS 0.2%CVE-2025-54799LOWLego does not enforce HTTPSEPSS 0.2%CVE-2025-36020MEDIUMIBM Guardium Data Protection information disclosureEPSS 0.2%CVE-2025-25728MEDIUMBosscomm IF740 Firmware versions:11001.7078 & v11001.0000 and System versions: 6.25 & 6.00 were discovered to send communications to the updEPSS 0.2%CVE-2024-45102MEDIUMA privilege escalation vulnerability was discovered that could allow a valid, authenticated LXCA user to escalate their permissions for a coEPSS 0.2%CVE-2022-0005LOWSensitive information accessible by physical probing of JTAG interface for some Intel(R) Processors with SGX may allow an unprivileged user EPSS 0.2%CVE-2024-8059MEDIUMIPMI credentials may be captured in XCC audit log entries when the account username length is 16 characters.EPSS 0.2%CVE-2019-6540MEDIUMMedtronic Conexus Radio Frequency Telemetry Protocol Cleartext Transmission of Sensitive InformationEPSS 0.2%CVE-2025-11640LOWTomofun Furbo 360/Furbo Mini Bluetooth Low Energy cleartext transmissionEPSS 0.2%CVE-2026-27752HIGHSODOLA SL902-SWTGW124AS <= 200.1.20 Cleartext Credential TransmissionEPSS 0.2%CVE-2025-36274HIGHIBM Aspera HTTP Gateway information disclosureEPSS 0.2%CVE-2026-22271HIGHDell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior to 4.2.0.0, contains a Cleartext Transmission of Sensitive IEPSS 0.2%CVE-2024-47577LOWInformation Disclosure vulnerability in SAP Commerce CloudEPSS 0.2%CVE-2026-41275HIGHFlowise: Password Reset Link Sent Over Unsecured HTTPEPSS 0.2%CVE-2025-11492CRITICALHTTP Configuration and Encryption in TransitEPSS 0.2%CVE-2023-3028HIGHImproper backend communication allows access and manipulation of the telemetry dataEPSS 0.2%CVE-2023-24440MEDIUMJenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier transmits the private key in plain text as part of the global Jenkins cEPSS 0.2%CVE-2024-45101MEDIUMA privilege escalation vulnerability was discovered when Single Sign On (SSO) is enabled that could allow an attacker to intercept a valid, EPSS 0.2%CVE-2025-54156CRITICALSantesoft Sante PACS Server Cleartext Transmission of Sensitive InformationEPSS 0.2%CVE-2026-40431MEDIUMSenseLive X3050 Cleartext transmission of sensitive informationEPSS 0.2%