Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-312

CWE-312

Cleartext Storage of Sensitive Information

Parent: CWE-311 - Missing Encryption of Sensitive Data

The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.

804 vulnerabilities with CWE-312

CVE-2023-51702 MEDIUM

Apache Airflow 2.3.0-2.6.0 Sensitive Information Exposure in Deferrable Mode

CVE-2023-27098 HIGH

TP-Link Tapo <v2.12.703 - Info Disclosure

CVE-2023-6250 HIGH

BestWebSoft's Like & Share <2.74 - Info Disclosure

CVE-2023-50294 MEDIUM

GROWI < 6.0.6 - Cleartext Storage of Sensitive Information in App Settings

CVE-2023-5384 HIGH

Redhat Data Grid < 8.4.6 - Cleartext Storage

CVE-2023-50719 HIGH

XWiki Platform 7.2-milestone-2-14.10.14 - Unauthenticated Exposure of Sensitive Information via Solr Search

CVE-2023-50777 MEDIUM

Jenkins PaaSLane Estimate Plugin <= 1.0.4 - Cleartext Storage of Sensitive Information

CVE-2023-50776 MEDIUM

Jenkins PaaSLane Estimate Plugin <= 1.0.4 - Cleartext Storage of Sensitive Information in Job config.xml

CVE-2023-50773 MEDIUM

Jenkins Dingding JSON Pusher Plugin < 2.0 - Cleartext Storage of Sensitive Information

CVE-2023-50772 MEDIUM

Jenkins Dingding JSON Pusher Plugin <= 2.0 - Cleartext Storage of Sensitive Information in Job Config

CVE-2023-40238 MEDIUM

Fujitsu Esprimo Firmware - Cleartext Storage of Sensitive Information

CVE-2023-46388 HIGH

LOYTEC electronics GmbH LINX-212/LINX-151 - Info Disclosure

CVE-2023-46386 HIGH

LOYTEC electronics GmbH LINX-212/LINX-151 - Info Disclosure

CVE-2023-46384 HIGH

LOYTEC electronics GmbH LINX Configurator - Info Disclosure

CVE-2023-48707 MEDIUM

CodeIgniter Shield <1.0.0-beta.8 - Info Disclosure

CVE-2023-47312 MEDIUM

Headwind MDM 5.22.1 - Cleartext Storage of Sensitive Information in Audit Logs

CVE-2023-48700 MEDIUM

nautobot-plugin-device-onboarding 2.0.0-3.0.0 - Cleartext Storage of Sensitive Information in Job Results

CVE-2023-48305 MEDIUM

Nextcloud Server 25.0.0-25.0.10 - Cleartext Storage of Sensitive Information in Debug Log

CVE-2023-46376 HIGH

Zentao Biz < 8.7 - Cleartext Storage of Sensitive Information

CVE-2023-41096 MEDIUM

Silicon Labs Ember ZNet SDK <7.3.1 - Info Disclosure

CVE-2023-41095 MEDIUM

Silicon Labs OpenThread SDK <2.3.1 - Info Disclosure

CVE-2023-46653 MEDIUM

Jenkins lambdatest-automation <1.20.10 - Info Disclosure

CVE-2023-46128 MEDIUM

Nautobot 2.0.0-2.0.2 - Authenticated Exposure of Hashed User Passwords via REST API Depth Parameter

CVE-2023-45151 MEDIUM

Nextcloud Server < 25.0.8 - Cleartext Storage of OAuth2 Tokens

CVE-2023-44037 HIGH

ZPE Systems, Inc Nodegrid OS <5.8.14 & <5.10.6 - Info Disclosure

Previous Page 12 of 33 Next

Details

Vulnerabilities 804

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy