Fallos del tipo CWE-311

301 resultados
CVE-2023-4384LOWMaximaTech Portal Executivo Cookie missing encryptionEPSS 0.4%CVE-2021-27783MEDIUMHCL BigFix Mobile / Modern Client Management is vulnerable to sensitive information exposureEPSS 0.3%CVE-2017-3218Samsung Magician 5.0 fails to validate TLS certificates for HTTPS software update traffic. Prior to version 5.0, Samsung Magician uses HTTP EPSS 0.3%CVE-2023-37858MEDIUMPHOENIX CONTACT: Use of Hard-coded Credentials in WP 6xxx Web panelsEPSS 0.3%CVE-2018-8849MEDIUMMedtronic N'Vision Clinician Programmer Missing Encryption of Sensitive DataEPSS 0.3%CVE-2023-30523MEDIUMJenkins Report Portal Plugin 0.5 and earlier stores ReportPortal access tokens unencrypted in job config.xml files on the Jenkins controllerEPSS 0.3%CVE-2024-29151CRITICALRocket.Chat.Audit through 5ad78e8 depends on filecachetools, which does not exist in PyPI.EPSS 0.3%CVE-2023-35888MEDIUMIBM Security Verify Governance information disclosureEPSS 0.3%CVE-2018-18984MEDIUMMedtronic 9790, 2090 CareLink, and 29901 Encore Programmers Missing Encryption of Sensitive DataEPSS 0.3%CVE-2022-38658HIGHHCL BigFix Server Automation (SA) is affected by a security vulnerability around Notification Service EPSS 0.3%CVE-2021-32001MEDIUMK3s/RKE2 bootstrap data is encrypted with empty string if user does not supply a tokenEPSS 0.3%CVE-2020-9058Z-Wave devices based on Silicon Labs 500 series chipsets using CRC-16 encapsulation, including but likely not limited to the Linear LB60Z-1 EPSS 0.3%CVE-2025-65098HIGHTypebot Vulnerable to Credential Theft via Client-Side Script Execution and API Authorization BypassEPSS 0.3%CVE-2024-42495HIGHHughes Network Systems WL3000 Missing Encryption of Sensitive DataEPSS 0.3%CVE-2024-7396HIGHPlaintext CommunicationEPSS 0.3%CVE-2024-20515MEDIUMCisco Identity Services Engine Information Disclosure VulnerabilityEPSS 0.3%CVE-2022-30237HIGHA CWE-311: Missing Encryption of Sensitive Data vulnerability exists that could allow authentication credentials to be recovered when an attEPSS 0.3%CVE-2014-2379Sensys Networks Traffic Sensor Missing Encryption of Sensitive DataEPSS 0.3%CVE-2017-14012Boston Scientific ZOOM LATITUDE PRM Model 3120 does not encrypt PHI at rest. CVSS v3 base score: 4.6; CVSS vector string: AV:P/AC:L/PR:N/UI:EPSS 0.3%CVE-2024-5731MEDIUMA vulnerability in the IPS Manager, Central Manager, and Local Manager communication workflow allows an attacker to control the destination EPSS 0.3%