CWE-313 · Cleartext Storage in a File or on Disk
27 CVEs classified under CWE-313 (Cleartext Storage in a File or on Disk). Browse by severity and year.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-4397 | Medium | 6.8 | 2026-05-07 | Medtronic MyCareLink Patient Monitor uses per-product credentials that are stored in a recoverable format. An attacker can use these credentials to modify encr… |
CVE-2018-10622 | Medium | 6.8 | 2018-08-10 | Medtronic MyCareLink Patient Monitor uses per-product credentials that are stored in a recoverable format. An attacker can use these credentials to modify en… |
CVE-2025-64305 | Medium | 6.5 | 2026-01-07 | MicroServer copies parts of the system firmware to an unencrypted external SD card on boot, which contains user and vendor secrets. An attacker can utilize the… |
CVE-2024-20448 | Medium | 6.3 | 2024-10-02 | A vulnerability in the Cisco Nexus Dashboard Fabric Controller (NDFC) software, formerly Cisco Data Center Network Manager (DCNM), could allow an attacker with… |
CVE-2025-36154 | Medium | 6.2 | 2025-12-24 | IBM Concert 1.0.0 through 2.1.0 stores sensitive information in cleartext during recursive docker builds which could be obtained by a local user. |
CVE-2024-6785 | Medium | 5.5 | 2024-09-21 | The configuration file stores credentials in cleartext. An attacker with local access rights can read or modify the configuration file, potentially resulting i… |
CVE-2024-30406 | Medium | 5.5 | 2024-04-12 | A Cleartext Storage in a File on Disk vulnerability in Juniper Networks Junos OS Evolved ACX Series devices using the Paragon Active Assurance Test Agent softw… |
CVE-2023-4066 | Medium | 5.5 | 2023-09-27 | A flaw was found in Red Hat's AMQ Broker, which stores certain passwords in a secret security-properties-prop-module, defined in ActivemqArtemisSecurity CR; ho… |
CVE-2026-5531 | Medium | 5.3 | 2026-04-05 | A vulnerability has been found in SourceCodester Student Result Management System 1.0. Impacted is an unknown function of the file /login_credentials.txt of th… |
CVE-2023-35699 | Medium | 5.3 | 2023-07-10 | Cleartext Storage on Disk in the SICK ICR890-4 could allow an unauthenticated attacker with local access to the device to disclose sensitive information by acc… |
CVE-2019-19291 | Medium | 5.3 | 2020-03-10 | A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0), SiNVR/SiVMS Video Server (All versions < V5.0.0). The FTP services… |
CVE-2024-49762 | Medium | 4.6 | 2024-10-24 | Pterodactyl is a free, open-source game server management panel. When a user disables two-factor authentication via the Panel, a `DELETE` request with their cu… |
CVE-2026-6796 | Medium | 4.3 | 2026-04-21 | A vulnerability was determined in Sanluan PublicCMS up to 6.202506.d. Affected is the function log_login of the file core/src/main/java/com/publiccms/controlle… |
CVE-2026-6598 | Medium | 4.3 | 2026-04-20 | A security vulnerability has been detected in langflow-ai langflow up to 1.8.3. The affected element is the function create_project/encrypt_auth_settings of th… |
CVE-2023-0114 | Low | 3.3 | 2023-01-07 | A vulnerability was found in Netis Netcore Router. It has been rated as problematic. Affected by this issue is some unknown functionality of the file param.fil… |
CVE-2025-14836 | Low | 2.7 | 2025-12-17 | A flaw has been found in ZZCMS 2025. Affected by this vulnerability is an unknown functionality of the file /reg/user_save.php of the component User Data Stora… |
CVE-2025-5154 | Low | 2.3 | 2025-05-25 | A vulnerability, which was classified as problematic, was found in PhonePe App 25.03.21.0 on Android. Affected is an unknown function of the file /data/data/co… |
CVE-2024-9040 | Low | 2.3 | 2024-09-20 | A vulnerability, which was classified as problematic, was found in code-projects Blood Bank Management System 1.0. This affects an unknown part of the componen… |
CVE-2023-2863 | Low | 2.3 | 2023-05-24 | A vulnerability has been found in Simple Design Daily Journal 1.012.GP.B on Android and classified as problematic. Affected by this vulnerability is an unknown… |
CVE-2025-6748 | Low | 2.1 | 2025-06-27 | A vulnerability classified as problematic has been found in Bharti Airtel Thanks App 4.105.4 on Android. Affected is an unknown function of the file /Android/d… |