Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-312

CWE-312

Cleartext Storage of Sensitive Information

Parent: CWE-311 - Missing Encryption of Sensitive Data

The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.

804 vulnerabilities with CWE-312

CVE-2024-20448 MEDIUM

Cisco Nexus Dashboard Fabric Controller - Info Disclosure

CVE-2024-25661 HIGH

Nokia Transcend Network Management System - Cleartext Storage

CVE-2024-25658 MEDIUM

Nokia Transcend Network Management System - Cleartext Storage

CVE-2024-28807 MEDIUM

Nokia hiT 7300 Firmware 5.60.50 - Cleartext Storage of Sensitive Information in Memory

CVE-2024-28810 MEDIUM

Infinera hiT 7300 5.60.50 - Cleartext Storage of Sensitive Information in Diagnostic Files

CVE-2024-28809 HIGH

Infinera hiT 7300 5.60.50 - Cleartext Storage of Sensitive Password in Firmware Update Packages

CVE-2024-8459 HIGH

PLANET Technology - Info Disclosure

CVE-2024-45744 LOW

TopQuadrant TopBraid EDG <7.1.3 - Info Disclosure

CVE-2024-8644 HIGH

Oceanic Software ValeApp <2.0.0 - JSON Hijacking

CVE-2024-7259 MEDIUM

oVirt Engine < 4.5.7 - Authenticated Cleartext Storage of Sensitive Information in Provider Passwords

CVE-2024-6785 MEDIUM

Configuration File - Info Disclosure

CVE-2024-9040 LOW

Blood Bank Management System 1.0 - Info Disclosure

CVE-2024-45862 HIGH

Kastle Access Control System Firmware < 2024-05-01 - Cleartext Storage of Sensitive Information

CVE-2024-31415 MEDIUM

Eaton Foreseer Electrical Power Monitoring System < 7.8.600 - Insufficiently Protected Credentials

CVE-2024-41629 MEDIUM

Texas Instruments Fusion Digital Power Designer 7.10.1 - Sensitive Information Exposure via Plaintext Credential Storage

CVE-2024-40457 CRITICAL

No-IP Dynamic Update Client 3.x - Cleartext Storage of Sensitive Information

CVE-2024-8689 MEDIUM

Cortex XSOAR/XSIAM - Info Disclosure

CVE-2024-35282 MEDIUM

FortiClient VPN iOS <7.2, <7.0, <6.4, <6.2, <6.0 - Info Disclosure

CVE-2024-45175 HIGH

za-internet C-MOR Video Surveillance 5.2401 - Info Disclosure

CVE-2024-45004 MEDIUM

Linux Kernel 6.10-6.10.7 - Cleartext Storage of Sensitive Information in Trusted Key Blob Export

CVE-2024-41716 HIGH

WindLDR < 9.2.0 and WindO/I-NV4 < 3.1.0 - Cleartext Storage of Sensitive Information

CVE-2024-45391 HIGH

Tina CMS < 1.6.2 - Search Token Exposure via Lock File

CVE-2024-6921 HIGH

NACPremium < 2024-08-01 - Cleartext Storage of Sensitive Information

CVE-2024-32939 MEDIUM

Mattermost 9.5.0-9.5.7 9.8.0-9.8.2 9.9.0-9.9.1 9.10.0 - Improper Access Control in Shared Channels

CVE-2024-25024 MEDIUM

IBM QRadar Suite Software <1.10.23.0 & Cloud Pak for Security <1.10...

Previous Page 9 of 33 Next

Details

Vulnerabilities 804

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy