Fallos del tipo CWE-311

301 resultados
CVE-2025-64144MEDIUMJenkins ByteGuard Build Actions Plugin 1.0 stores API tokens unencrypted in job config.xml files on the Jenkins controller where they can beEPSS 0.2%CVE-2014-6274HIGHS3 and Glacier remotes creds embedded in the git repo were not encryptedEPSS 0.2%CVE-2025-45768HIGHpyjwt v2.10.1 was discovered to contain weak encryption. NOTE: this is disputed by the Supplier because the key length is chosen by the applEPSS 0.2%CVE-2023-38267MEDIUMIBM Security Access Manager Appliance information disclosureEPSS 0.1%CVE-2023-50129MEDIUMMissing encryption in the NFC tags of the Flient Smart Door Lock v1.0 allows attackers to create a cloned tag via brief physical proximity tEPSS 0.1%CVE-2024-56439HIGHAccess control vulnerability in the identity authentication module Impact: Successful exploitation of this vulnerability may affect service EPSS 0.1%CVE-2023-40251MEDIUMMissing Encryption of Sensitive Data vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, GeniaEPSS 0.1%CVE-2025-32875MEDIUMAn issue was discovered in the COROS application through 3.8.12 for Android. Bluetooth pairing and bonding is neither initiated nor enforcedEPSS 0.1%CVE-2025-8763MEDIUMRuijie EG306MG strongSwan strongswan.conf missing encryptionEPSS 0.1%CVE-2025-59410MEDIUMDragonfly tiny file download uses hard coded HTTP protocolEPSS 0.1%CVE-2022-38194MEDIUMPortal for ArcGIS system properties are not properly encrypted (10.8.1 only)EPSS 0.1%CVE-2023-33833LOWIBM Security Verify Information Queue information disclosureEPSS 0.1%CVE-2025-13453MEDIUMA potential vulnerability was reported in some ThinkPlus USB drives that could allow a user with physical access to read data stored on the EPSS 0.1%CVE-2026-34992HIGHMissing Encryption of Sensitive Data in antrea.io/antreaEPSS 0.1%CVE-2025-43274MEDIUMA privacy issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.6. A sandboxed process may be able toEPSS 0.1%CVE-2024-41980LOWA vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >= V13.2 < V2506), SOA Audit (All versions >=EPSS 0.1%CVE-2025-65825MEDIUMThe firmware on the basestation of the Meatmeet is not encrypted. An adversary with physical access to the Meatmeet device can disassemble tEPSS 0.1%CVE-2025-48981HIGHAn insecure implementation of the proprietary protocol DNET in Product CGM MEDICO allows attackers within the intranet to eavesdrop and maniEPSS 0.1%CVE-2021-22782Missing Encryption of Sensitive Data vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versEPSS 0.1%CVE-2022-41627MEDIUM The physical IoT device of the AliveCor's KardiaMobile, a smartphone-based personal electrocardiogram (EKG) has no encryption for its data-EPSS 0.1%