Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-312

CWE-312

Cleartext Storage of Sensitive Information

Parent: CWE-311 - Missing Encryption of Sensitive Data

The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.

804 vulnerabilities with CWE-312

CVE-2024-35117 MEDIUM

IBM OpenPages with Watson 9.0 - Cleartext Storage of Sensitive Information in System Tracing Log Files

CVE-2024-46340 CRITICAL

TP-Link TL-WR845N(UN)_V4 - Cleartext Storage of Sensitive Information

CVE-2024-40582 HIGH

Pentaminds CuroVMS v2.0.1 - Info Disclosure

CVE-2024-55582 MEDIUM

Oxide < 6 - Cleartext Storage of Sensitive Information in Control Plane Datastores

CVE-2024-54127 MEDIUM

TP-Link Archer C50 - Info Disclosure

CVE-2024-12094 MEDIUM

Tinxy Android app < 663000 and iOS app < 6.7.0 - Cleartext Storage of Sensitive Information in Device Database

CVE-2024-42451 MEDIUM

Veeam Backup & Replication - Info Disclosure

CVE-2024-53979 HIGH

zhmc-ansible-modules < 1.9.3 - Cleartext Storage of Sensitive Information in Log Files

CVE-2024-53865 HIGH

zhmcclient < 1.18.1 - Cleartext Storage of Sensitive Information in Logs

CVE-2024-29146 MEDIUM

Product with vulnerability - Info Disclosure

CVE-2024-46383 LOW

Hathway Skyworth Router CM5100-511 v4.1.1.24 - Info Disclosure

CVE-2024-52525 LOW

Nextcloud Server 28.0.0-28.0.11 - Cleartext Storage of Sensitive Information in Session Data

CVE-2024-11159 MEDIUM

Thunderbird < 128.4.3 - Cleartext Storage of Sensitive Information via OpenPGP Encrypted Messages

CVE-2024-43429 MEDIUM

Moodle < 4.1.12 and 4.4.0-4.4.2 - Unprotected User Data Exposure via Gradebook Reports

CVE-2024-51993 LOW

Combodo iTop <3.2.0 - Info Disclosure

CVE-2024-34891 MEDIUM

Bitrix24 23.300.100 - Cleartext Storage of Sensitive Information in DAV Server Settings

CVE-2024-10523 MEDIUM

TP-Link Tapo H100 Firmware < 1.5.22 - Cleartext Storage of Wi-Fi Credentials

CVE-2024-7783 HIGH

AnythingLLM < 1.2.1 - Cleartext Storage of Sensitive Information in JWT Bearer Token

CVE-2024-9991 HIGH

Philips lighting devices - Info Disclosure

CVE-2024-8070 HIGH

Firmware <version> - Info Disclosure

CVE-2024-9802 MEDIUM

Zowe API Mediation Layer 2.11.0-2.16.9 - Information Exposure via Conformance Validation Endpoint

CVE-2024-9798 CRITICAL

Zowe API Mediation Layer 1.0.0-1.28.7 - Unauthenticated Sensitive Information Exposure via Health Endpoint

CVE-2024-9466 MEDIUM

Palo Alto Networks Expedition 1.2.0-1.2.95 - Authenticated Sensitive Information Disclosure in Log Files

CVE-2024-6400 HIGH

Finrota Netahsilat <1.24.03 - Info Disclosure

CVE-2024-47529 MEDIUM

OpenC3 COSMOS < 5.19.0 - Cleartext Storage of Sensitive Information in LocalStorage

Previous Page 8 of 33 Next

Details

Vulnerabilities 804

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy