Description
The product stores sensitive information in cleartext in a file, or on disk.
Extended Description
The sensitive information could be read by attackers with access to the file, or with physical or administrator access to the raw disk. Even if the information is encoded in a way that is not human-readable, certain techniques could determine which encoding is being used, then decode the information.
CVE vulnerabilities with CWE-313 (30)
9.1
CVSS
CRITICAL
CVE-2025-5098
pub. 2025-05-23
8.8
CVSS
HIGH
CVE-2016-6538
pub. 2018-07-06
8.2
CVSS
HIGH
CVE-2026-52783
pub. 2026-06-26
8.2
CVSS
HIGH
CVE-2026-24349
pub. 2026-06-09
7.8
CVSS
HIGH
CVE-2016-6546
pub. 2018-07-13
7.8
CVSS
HIGH
CVE-2016-6547
pub. 2018-07-13
7.1
CVSS
HIGH
CVE-2025-64305
pub. 2026-01-07
7.0
CVSS
HIGH
CVE-2024-38280
pub. 2024-06-13
6.8
CVSS
MEDIUM
CVE-2025-4397
pub. 2026-05-07
6.8
CVSS
MEDIUM
CVE-2024-6785
pub. 2024-09-21
6.7
CVSS
MEDIUM
CVE-2026-8804
pub. 2026-07-03
6.7
CVSS
MEDIUM
CVE-2024-30406
pub. 2024-04-12
6.3
CVSS
MEDIUM
CVE-2024-20448
pub. 2024-10-02
6.2
CVSS
MEDIUM
CVE-2025-36154
pub. 2025-12-24
6.0
CVSS
MEDIUM
CVE-2024-5916
pub. 2024-08-14
5.5
CVSS
MEDIUM
CVE-2026-5531
pub. 2026-04-05
5.5
CVSS
MEDIUM
CVE-2023-4066
pub. 2023-09-27
5.3
CVSS
MEDIUM
CVE-2026-6796
pub. 2026-04-21
5.3
CVSS
MEDIUM
CVE-2023-35699
pub. 2023-07-10
5.3
CVSS
MEDIUM
CVE-2019-19291
pub. 2020-03-10
Showing 20 of 30 vulnerabilities