Weaknesses of type CWE-319
488 resultsCVE-2023-39172CRITICALSENEC: Storage Box V1,V2 and V3 transmitting sensitive data unencryptedEPSS 0.6%CVE-2020-27657MEDIUMCleartext transmission of sensitive information vulnerability in DDNS in Synology Router Manager (SRM) before 1.2.4-8081 allows man-in-the-mEPSS 0.6%CVE-2021-32934CRITICALThroughTek P2P SDK - Cleartext Transmission of Sensitive InformationEPSS 0.6%CVE-2024-48788HIGHAn issue in YESCAM (com.yescom.YesCam.zwave) 1.0.2 allows a remote attacker to obtain sensitive information via the firmware update process.EPSS 0.6%CVE-2023-32328HIGHIBM Security Verify Access information disclosureEPSS 0.6%CVE-2021-22703MEDIUMA CWE-319: Cleartext transmission of sensitive information vulnerability exists in PowerLogic ION7400, ION7650, ION83xx/84xx/85xx/8600, ION8EPSS 0.6%CVE-2021-40392MEDIUMAn information disclosure vulnerability exists in the Web Application functionality of Moxa MXView Series 3.2.4. Network sniffing can lead tEPSS 0.6%CVE-2018-8842—Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software transmits sensitive or security-critical data in cleartext iEPSS 0.6%CVE-2021-22702MEDIUMA CWE-319: Cleartext transmission of sensitive information vulnerability exists in PowerLogic ION7400, ION7650, ION7700/73xx, ION83xx/84xx/8EPSS 0.6%CVE-2022-30993—Cleartext transmission of sensitive informationEPSS 0.5%CVE-2022-30994—Cleartext transmission of sensitive informationEPSS 0.5%CVE-2023-1802MEDIUMIn Docker Desktop 4.17.x the Artifactory Integration falls back to sending registry credentials over plain HTTP if the HTTPS health check has failedEPSS 0.5%CVE-2022-32227MEDIUMA cleartext transmission of sensitive information exists in Rocket.Chat <v5, <v4.8.2 and <v4.7.5 relating to Oauth tokens by having the permEPSS 0.5%CVE-2021-23846HIGHB426 Credential DisclosureEPSS 0.5%CVE-2021-23018—Intra-cluster communication does not use TLS. The services within the NGINX Controller 3.x before 3.4.0 namespace are using cleartext protocEPSS 0.5%CVE-2020-8356MEDIUMAn internal product security audit of LXCO, prior to version 1.2.2, discovered that optional passwords, if specified, for the Syslog and SMTEPSS 0.5%CVE-2021-3417MEDIUMAn internal product security audit of LXCO, prior to version 1.2.2, discovered that credentials for Lenovo XClarity Administrator (LXCA), ifEPSS 0.5%CVE-2020-27656MEDIUMCleartext transmission of sensitive information vulnerability in DDNS in Synology DiskStation Manager (DSM) before 6.2.3-25426-2 allows man-EPSS 0.5%CVE-2022-39269CRITICALMedia transport downgrade from the secure version (SRTP) to non-secure (RTP) in pjsipEPSS 0.5%CVE-2021-38418HIGHDelta Electronics DIALinkEPSS 0.5%