Missing Encryption of Sensitive Data

Overview Affected versions of this package are vulnerable to Missing Encryption of Sensitive Data via the DownloadTinyFile function. An attacker can intercept and modify file downloads by performing a man-in-the-middle attack on network traffic, potentially causing peers to receive malicious file...

CVE-2025-10227

Missing Encryption of Sensitive Data CWE-311 in the Object Archive component in AxxonSoft Axxon One C-Werk before 2.0.8 on Windows and Linux allows a local attacker with access to exported storage or stolen physical drives to extract sensitive archive data in plaintext via lack of encryption at...

CVE-2025-10227

Missing Encryption of Sensitive Data CWE-311 in the Object Archive component in AxxonSoft Axxon One C-Werk before 2.0.8 on Windows and Linux allows a local attacker with access to exported storage or stolen physical drives to extract sensitive archive data in plaintext via lack of encryption at...

CVE-2025-8763

A vulnerability was found in Ruijie EG306MG 3.01B11P309. It has been rated as problematic. This issue affects some unknown processing of the file /etc/strongswan.conf of the component strongSwan. The manipulation of the argument idontcareaboutsecurityanduseaggressivemodepsk leads to missing...

CVE-2025-8763

CVE-2025-8763 concerns Ruijie EG306MG 3.0(1)B11P309 where the strongSwan component processes the /etc/strongswan.conf file. The root cause is manipulation of the argument i_dont_care_about_security_and_use_aggressive_mode_psk, leading to missing encryption of sensitive data. The vulnerability can...

CVE-2025-8763 Ruijie EG306MG strongSwan strongswan.conf missing encryption

A vulnerability was found in Ruijie EG306MG 3.01B11P309. It has been rated as problematic. This issue affects some unknown processing of the file /etc/strongswan.conf of the component strongSwan. The manipulation of the argument idontcareaboutsecurityanduseaggressivemodepsk leads to missing...

CVE-2025-8763 Ruijie EG306MG strongSwan strongswan.conf missing encryption

A vulnerability was found in Ruijie EG306MG 3.01B11P309. It has been rated as problematic. This issue affects some unknown processing of the file /etc/strongswan.conf of the component strongSwan. The manipulation of the argument idontcareaboutsecurityanduseaggressivemodepsk leads to missing...

The vulnerability of the mbedtls_lms_verify() function in Mbed TLS software allows a hacker to bypass existing security restrictions.

The vulnerability of the mbedtlslmsverify function in Mbed TLS is related to the absence of a necessary encryption step. Exploiting this vulnerability could allow attackers to circumvent existing security restrictions...

The vulnerability of the device management platform for systems related to heating, ventilation, and air conditioning, lighting, and energy consumption within the Niagara Framework, as well as the Niagara Enterprise Security tools for access control and security, stems from the absence of necessary encryption steps. This allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the device management platform for systems for heating, ventilation, and air conditioning, lighting, and energy consumption, as well as the Niagara Framework and the access control and security measures, is related to the absence of the necessary encryption step. Exploiting...

Security Bulletin: IBM Engineering Systems Design Rhapsody was affected by CVE-2025-33020

Summary IBM Engineering Systems Design Rhapsody was vulnerable to transmits sensitive information without encryption that could allow an attacker to obtain highly sensitive information. Vulnerability Details CVEID:CVE-2025-33020 DESCRIPTION: IBM Engineering Systems Design Rhapsody transmits...

CVE-2024-25027

IBM Security Verify Access 10.0.6 could disclose sensitive snapshot information due to missing encryption. IBM X-Force ID: 281607...

CVE-2023-41095

Missing Encryption of Security Keys vulnerability in Silicon Labs OpenThread SDK on 32 bit, ARM SecureVault High modules allows potential modification or extraction of network credentials stored in flash. This issue affects Silicon Labs OpenThread SDK: 2.3.1 and earlier...

CVE-2023-39843

Missing encryption in the RFID tag of Suleve 5-in-1 Smart Door Lock v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device...

CVE-2021-40148

In Modem EMM, there is a possible information disclosure due to a missing data encryption. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00716585; Issue ID: ALPS05886933...

Tridium Niagara Framework和Tridium Niagara Enterprise Security 安全漏洞

Tridium Niagara Framework and Tridium Niagara Enterprise Security are both products of Tridium, Inc.Tridium Niagara Framework is a comprehensive software infrastructure that solves the challenges of creating appliance to enterprise applications. Tridium Niagara Enterprise Security is a...

Missing Encryption of Sensitive Data

Overview Affected versions of this package are vulnerable to Missing Encryption of Sensitive Data due to the ordering of code used to start an MCP server container. An attacker can read secrets without needing access to the secrets store itself by gaining access to the home folder of the user who...

Missing Encryption of Sensitive Data

Overview Affected versions of this package are vulnerable to Missing Encryption of Sensitive Data due to the ordering of code used to start an MCP server container. An attacker can read secrets without needing access to the secrets store itself by gaining access to the home folder of the user who...

Missing Encryption of Sensitive Data

Overview Affected versions of this package are vulnerable to Missing Encryption of Sensitive Data due to the ordering of code used to start an MCP server container. An attacker can read secrets without needing access to the secrets store itself by gaining access to the home folder of the user who...

Missing Encryption Of Sensitive Data

org.opendaylight.sfc, odl-sfc-openflow-renderer is vulnerable to Missing Encryption of Sensitive Data. The vulnerability is due to missing security attributes or transmission over unencrypted channels, allowing Man-in-the-Middle attacks to access sensitive information...

Missing Encryption of Sensitive Data

Overview org.codefirst.jenkins.asakusasatellite:asakusa-satellite-plugin is an AsakusaSatellite Plugin. Affected versions of this package are vulnerable to Missing Encryption of Sensitive Data due to the storage of API keys in unencrypted form within job config.xml files. An attacker can access...