Medium
CVSS: 5.7
The RF communication protocol in the Micca KE700 car alarm system does not encrypt its data frames. An attacker with a radio interception tool (e.g., SDR) can capture the random number and counters transmitted in cleartext, which is sensiti…
High
CVSS: 8.3
Cleartext Transmission of Sensitive Information vulnerability in Pan Software & Information Technologies Ltd. PanCafe Pro allows Flooding.This issue affects PanCafe Pro: from < 3.3.2 through 23092025.
Low
CVSS: 2.1
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation.
The library version
could be displayed on the web page. This information could be exploited by an
attacker for other attacks.
The
affected product…
High
CVSS: 7.0
A physical attack vulnerability exists in certain Moxa industrial computers using TPM-backed LUKS full-disk encryption on Moxa Industrial Linux 3, where the discrete TPM is connected to the CPU via an SPI bus. Exploitation requires invasive…
High
CVSS: 8.2
Shenzhen Tenda AC7 firmware version V03.03.03.01_cn and prior expose account credentials in plaintext within HTTP responses, allowing an on-path attacker to obtain sensitive authentication material.
High
CVSS: 8.5
The Amazon SageMaker Python SDK before v3.2.0 and v2.256.0 includes the ModelBuilder HMAC signing key in the cleartext response elements of the DescribeTrainingJob function. A third party with permissions to both call this API and permissio…
Medium
CVSS: 6.5
A vulnerability in TeamViewer DEX Client (former 1E Client) - Content Distribution Service (NomadBranch.exe) prior version 26.1 for Windows allows an attacker on the adjacent network to cause normally encrypted UDP traffic to be sent in cle…
Medium
CVSS: 6.5
Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior to 4.2.0.0, contains a Cleartext Transmission of Sensitive Information vulnerability in the Fabric Syslog. An unauthenticated attacker with remote access could…
High
CVSS: 7.5
Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior to 4.2.0.0, contains a Cleartext Transmission of Sensitive Information vulnerability. An unauthenticated attacker with remote access could potentially exploit t…
Medium
CVSS: 6.5
Open WebUI Cleartext Transmission of Credentials Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Open WebUI. Authentication is not req…
High
CVSS: 7.6
The Process Optimization application suite leverages connection
channels/protocols that by-default are not encrypted and could become
subject to hijacking or data leakage in certain man-in-the-middle or
passive inspection scenarios.
Medium
CVSS: 6.8
A potential vulnerability was reported in ThinkPlus configuration software that could allow a local authenticated user to gain access to sensitive device information.
Medium
CVSS: 5.3
Cleartext Transmission of Sensitive Information vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Sniffing Attacks.This issue affects DX NetOps Spectrum: 21.2.1 and earlier.
High
CVSS: 8.7
This vulnerability exists in Tenda wireless routers (300Mbps Wireless Router F3 and N300 Easy Setup Router) due to the transmission of credentials encoded using reversible Base64 encoding through the web-based administrative interface. An a…
High
CVSS: 8.7
This vulnerability exists in Tenda wireless routers (300Mbps Wireless Router F3 and N300 Easy Setup Router) due to the plaintext transmission of login credentials during the initial login or post-factory reset setup through the web-based ad…
Critical
CVSS: 9.1
FaceSentry Access Control System 6.4.8 contains a cleartext transmission vulnerability that allows remote attackers to intercept authentication credentials. Attackers can perform man-in-the-middle attacks to capture HTTP cookie authenticati…
High
CVSS: 8.7
An attacker with a network connection could detect credentials in clear text.
High
CVSS: 8.6
iDS6 DSSPro Digital Signage System 6.2 contains a sensitive information disclosure vulnerability that allows remote attackers to intercept authentication credentials through cleartext cookie transmission. Attackers can exploit the autoSave…
High
CVSS: 8.6
QiHang Media Web Digital Signage 3.0.9 contains a sensitive information disclosure vulnerability that allows remote attackers to intercept user authentication credentials through cleartext cookie transmission. Attackers can perform man-in-t…
High
CVSS: 7.5
Vatilon v1.12.37-20240124 was discovered to transmit user credentials in plaintext.