Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-311

CWE-311

High likelihood

Missing Encryption of Sensitive Data

Parent: CWE-693 - Protection Mechanism Failure

The product does not encrypt sensitive or critical information before storage or transmission.

508 vulnerabilities with CWE-311

CVE-2023-38688 HIGH

twitch-tui <2.4.1 - Info Disclosure

CVE-2023-30561 MEDIUM

BD Alaris 8015 PCU Firmware < 12.1.3 - Missing Encryption of Sensitive Data

CVE-2023-31825 HIGH

Inageya 13.4.1 - Sensitive Information Exposure via Miniapp Channel Access Token

CVE-2023-31822 HIGH

Entetsu Store <13.4.1 - Info Disclosure

CVE-2023-31820 HIGH

Shizutetsu Store <13.6.1 - Info Disclosure

CVE-2023-31819 HIGH

KEISEI STORE Co, Ltd. LIVRE KEISEI <v.13.6.1 - Info Disclosure

CVE-2023-37943 MEDIUM

Jenkins Active Directory Plugin < 2.30 - Unauthenticated Sensitive Data Exposure via Unencrypted Connection Test

CVE-2023-37192 HIGH

Bitcoin Core v22 - Memory Corruption and Unauthorized Transaction Redirection

CVE-2023-33849 LOW

IBM TXSeries for Multiplatforms - Info Disclosure

CVE-2023-34258 HIGH

BMC Patrol < 22.1.00 - Remote Sensitive Data Exposure via Default AES Key

CVE-2023-28045 MEDIUM

Dell CloudIQ Collector 1.10.2-1.10.16 - Missing Encryption of Sensitive Data

CVE-2023-32982 MEDIUM

Jenkins Ansible Plugin < 204.v8191fd551eb_f - Cleartext Storage of Sensitive Information in Job config.xml

CVE-2023-21404 MEDIUM

AXIS OS 11.0.89-11.3.x - Use of Hard-coded Cryptographic Key in Legacy LUA Components

CVE-2023-32290 HIGH

myMail < 14.30 - Cleartext Transmission of Sensitive Information via STARTTLS Bypass

CVE-2023-22948 MEDIUM

TigerGraph Enterprise Free Edition 3.x < 3.7.0 - Unprotected SSH Private Key Exposure

CVE-2023-30523 MEDIUM

Jenkins Report Portal Plugin <= 0.5 - Cleartext Storage of Sensitive Information in Job Configuration

CVE-2023-0750 CRITICAL

lynx-technik yellobrik_pec_1864_firmware - Authentication Bypass via Client-Side Enforcement

CVE-2023-28841 MEDIUM

Moby 1.12.0-20.10.24 - Unencrypted Data Transmission in Overlay Network Driver

CVE-2023-28999 MEDIUM

Nextcloud <3.8.0-<4.8.0 - Privilege Escalation

CVE-2023-0690 MEDIUM

HashiCorp Boundary 0.10.0-0.11.2 - Cleartext Storage of Sensitive Information in PKI Worker Credentials

CVE-2023-23127 MEDIUM

Connectwise Control 22.8.10013.8329 - Missing Encryption of Sensitive Data

CVE-2022-22386 MEDIUM

IBM Security Verify Privilege On-Premises 11.5 - Info Disclosure

CVE-2022-22377 MEDIUM

IBM Security Verify Privilege On-Premises 11.5 - Info Disclosure

CVE-2022-33161 MEDIUM

IBM Security Directory Server 6.4.0 - Info Disclosure

CVE-2022-22401 MEDIUM

IBM Aspera Faspex 5.0.5 - Info Disclosure

Previous Page 5 of 21 Next

Details

Vulnerabilities 508

Exploit Likelihood High

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy