Weaknesses of type CWE-319
488 resultsCVE-2025-54156CRITICALSantesoft Sante PACS Server Cleartext Transmission of Sensitive InformationEPSS 0.2%CVE-2022-2338MEDIUMSofting Secure Integration Server Cleartext Transmission of Sensitive InformationEPSS 0.2%CVE-2026-43625HIGHCodexBar < 0.32.0 Session Cookie Exposure via HTTP RedirectEPSS 0.2%CVE-2026-33569MEDIUMAnviz Products Cleartext Transmission of Sensitive InformationEPSS 0.2%CVE-2025-64648MEDIUMMultiple Vulnerabilities in IBM Concert SoftwareEPSS 0.2%CVE-2025-13490MEDIUMIBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands that report metrics are vulnerable to loss of confidentialityEPSS 0.2%CVE-2026-50200HIGHSteeltoe's env sanitizer misses connection strings — leaks embedded DB passwordsEPSS 0.2%CVE-2025-70048HIGHAn issue pertaining to CWE-319: Cleartext Transmission of Sensitive Information was discovered in Nexusoft NexusInterface v3.2.0-beta.2.EPSS 0.2%CVE-2025-57727MEDIUMIn JetBrains IntelliJ IDEA before 2025.2 credentials disclosure was possible via remote referenceEPSS 0.2%CVE-2025-13718LOWIBM Sterling Partner Engagement Manager Information DisclosureEPSS 0.2%CVE-2024-35495MEDIUMAn Information Disclosure vulnerability in the Telemetry component in TP-Link Kasa KP125M V1.0.0 and Tapo P125M 1.0.0 Build 220930 Rel.14394EPSS 0.2%CVE-2025-0250LOWHCL IEM is affected by an authorization token sent in cookie vulnerabilityEPSS 0.2%CVE-2025-52490HIGHAn issue was discovered in Couchbase Sync Gateway before 3.2.6. In sgcollect_info_options.log and sync_gateway.log, there are cleartext passEPSS 0.2%CVE-2024-42181LOWHCL MyXalytics is affected by a cleartext transmission of sensitive information vulnerabilityEPSS 0.2%CVE-2026-22155MEDIUMA cleartext transmission of sensitive information vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5.0 throughEPSS 0.2%CVE-2025-12508HIGHUnencrypted communication to Active Directory servicesEPSS 0.2%CVE-2024-27166HIGHInsecure permissionsEPSS 0.2%CVE-2025-47698HIGHAn adjacent attacker without authentication can exploit this vulnerability to retrieve a set of user-privileged credentials. These credentiaEPSS 0.2%CVE-2025-59448MEDIUMComponents of the YoSmart YoLink ecosystem through 2025-10-02 leverage unencrypted MQTT to communicate over the internet. An attacker with tEPSS 0.2%CVE-2023-46889MEDIUMMeross MSH30Q 4.5.23 is vulnerable to Cleartext Transmission of Sensitive Information. During the device setup phase, the MSH30Q creates an EPSS 0.2%