Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
Android App "あんしんフィルター for au" provided by KDDI CORPORATION contains Cleartext Transmission of Sensitive Information (CWE-319) vulnerability. A man-in-the-middle attacker may access and modify communi
A cleartext transmission of sensitive information vulnerability in the affected products allows an unauthorized remote attacker to gain login credentials and access the Web-UI.
CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists that could result in the exposure of data when network traffic is being sniffed by an attacker.
An issue pertaining to CWE-319: Cleartext Transmission of Sensitive Information was discovered in Nexusoft NexusInterface v3.2.0-beta.2.
The web server of the device performs exchanges of sensitive information in clear text through an insecure protocol.
Forever KidsWatch Call Me KW-50 R36_YDR_A3PW_GM7S_V1.0_2019_07_15_16.19.24_cob_h suffers from Cleartext Transmission of Sensitive Information due to lack of encryption in device-server communication.
Cleartext transmission of sensitive information for some BigDL software maintained by Intel(R) before version 2.5.0 may allow an authenticated user to potentially enable denial of service via adjacent
QiHang Media Web Digital Signage 3.0.9 contains a sensitive information disclosure vulnerability that allows remote attackers to intercept user authentication credentials through cleartext cookie tran
General Industrial Controls Lynx+ Gateway is vulnerable to a cleartext transmission vulnerability that could allow an attacker to observe network traffic to obtain sensitive information, including p
A cleartext transmission vulnerability exists in the WEBVIEW-M functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted HTTP request can lead to a disclosure of sensitive information. A
Open WebUI Cleartext Transmission of Credentials Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations
Cleartext Storage of Sensitive Information (CWE-312) in the Command Centre Mobile Client on Android and iOS could allow an attacker with access to a logged-in Operator's mobile device to extract the s
An issue was discovered in Infinera hiT 7300 5.60.50. Cleartext storage of sensitive password in firmware update packages allows attackers to access various appliance services via hardcoded credential
Smart-tab Android app installed April 2023 or earlier contains an issue with plaintext storage of a password. If this vulnerability is exploited, an attacker with physical access to the device may ret
An issue in KukuFM Android v1.12.7 (11207) allows attackers to access sensitive cleartext data via the android:allowBackup="true" in the ANdroidManifest.xml
A “CWE-256: Plaintext Storage of a Password” affecting the administrative account allows an attacker with physical access to the machine to retrieve the password in cleartext unless specific security
CVE-2025-4378
CRITICAL CVSS 10.0
Find Similar
Cleartext Transmission of Sensitive Information, Use of Hard-coded Credentials vulnerability in Ataturk University ATA-AOF Mobile Application allows Authentication Abuse, Authentication Bypass. This
A vulnerability was reported in version 1.0 of the Bluetooth Transmission Alliance protocol adopted by Motorola Smart Connect Android Application that could allow a nearby attacker within the Bluetoot
Cleartext Transmission of Sensitive Information vulnerability in Pan Software & Information Technologies Ltd. PanCafe Pro allows Flooding. This issue affects PanCafe Pro: from < 3.3.2 through 2309202
A vulnerability has been found in Coinomi up to 1.7.6. This issue affects some unknown processing. Such manipulation leads to cleartext transmission of sensitive information. The attack can be launche
Page 1+ Next →