Fallos del tipo CWE-311
301 resultadosCVE-2024-28249MEDIUMCilium has possible unencrypted traffic between nodes when using IPsec and L7 policiesEPSS 0.3%CVE-2024-41124MEDIUMPuncia Cleartext Transmission of Sensitive Information via HTTP urls in `API_URLS`EPSS 0.3%CVE-2022-31085MEDIUMMissing Encryption of Sensitive Data in ldap-account-managerEPSS 0.3%CVE-2017-12716—Abbott Laboratories Accent and Anthem pacemakers manufactured prior to Aug 28, 2017 transmit unencrypted patient information via RF communicEPSS 0.2%CVE-2024-38325MEDIUMIBM Storage Defender information disclosureEPSS 0.2%CVE-2023-38699CRITICALMindsDB 'Call to requests with verify=False disabling SSL certificate checks, security issue.' issueEPSS 0.2%CVE-2025-64147MEDIUMJenkins Curseforge Publisher Plugin 1.0 does not mask API Keys displayed on the job configuration form, increasing the potential for attackeEPSS 0.2%CVE-2019-18254—BIOTRONIK CardioMessenger II, The affected products do not encrypt sensitive information while at rest. An attacker with physical access to EPSS 0.2%CVE-2025-24008HIGHA vulnerability has been identified in SIRIUS 3RK3 Modular Safety System (MSS) (All versions), SIRIUS Safety Relays 3SK2 (All versions). TheEPSS 0.2%CVE-2025-36062MEDIUMIBM Cognos Analytics Mobile (iOS) information disclosureEPSS 0.2%CVE-2024-27106MEDIUMVulnerable data in transit in GE HealthCare EchoPAC productsEPSS 0.2%CVE-2022-35860MEDIUMMissing AES encryption in Corsair K63 Wireless 3.1.3 allows physically proximate attackers to inject and sniff keystrokes via 2.4 GHz radio EPSS 0.2%CVE-2025-53663MEDIUMJenkins IBM Cloud DevOps Plugin 2.0.16 and earlier stores SonarQube authentication tokens unencrypted in job config.xml files on the JenkinsEPSS 0.2%CVE-2024-23444MEDIUMElasticsearch elasticsearch-certutil csr fails to encrypt private keyEPSS 0.2%CVE-2025-53666MEDIUMJenkins Dead Man's Snitch Plugin 0.1 stores Dead Man's Snitch tokens unencrypted in job config.xml files on the Jenkins controller, where thEPSS 0.2%CVE-2025-29314HIGHInsecure Shiro cookie configurations in OpenDaylight Service Function Chaining (SFC) Subproject SFC Sodium-SR4 and below allow attackers to EPSS 0.2%CVE-2025-53668MEDIUMJenkins VAddy Plugin 1.2.8 and earlier stores Vaddy API Auth Keys unencrypted in job config.xml files on the Jenkins controller, where they EPSS 0.2%CVE-2020-7567HIGHA CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Modicon M221 (all references, all versions) that could allow the attEPSS 0.2%CVE-2025-53659MEDIUMJenkins QMetry Test Management Plugin 1.13 and earlier stores Qmetry Automation API Keys unencrypted in job config.xml files on the Jenkins EPSS 0.2%CVE-2024-25631MEDIUMUnencrypted traffic between pods when using Wireguard and an external kvstoreEPSS 0.2%