CWE-316
21 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-316page 1 of 1
- CVE-2019-3733MEDIUMCVSS 4.9EG 4.92019-09-30
RSA BSAFE Crypto-C Micro Edition, all versions prior to 4.1.4, is vulnerable to three (3) different Improper Clearing of Heap Memory Before Release vulnerability, also known as 'Heap Inspection vulnerability'. A malicious remote user could…
- CVE-2021-23182MEDIUMCVSS 6.0EG 4.42021-06-11
Cleartext Storage of Sensitive Information in Memory vulnerability in Gallagher Command Centre Server allows OSDP reader master keys to be discoverable in server memory dumps. This issue affects: Gallagher Command Centre 8.40 versions prio…
- CVE-2021-23211MEDIUMCVSS 6.0EG 4.42021-06-11
Cleartext Storage of Sensitive Information in Memory vulnerability in Gallagher Command Centre Server allows Cloud end-to-end encryption key to be discoverable in server memory dumps. This issue affects: Gallagher Command Centre 8.40 versi…
- CVE-2021-31989MEDIUMCVSS 5.3EG 5.32021-08-25
A user with permission to log on to the machine hosting the AXIS Device Manager client could under certain conditions extract a memory dump from the built-in Windows Task Manager application. The memory dump may potentially contain credent…
- CVE-2021-32942MEDIUMCVSS 6.6EG 5.52021-06-09
The vulnerability could expose cleartext credentials from AVEVA InTouch Runtime 2020 R2 and all prior versions (WindowViewer) if an authorized, privileged user creates a diagnostic memory dump of the process and saves it to a non-protected…
- CVE-2022-0835HIGHCVSS 8.1EG 5.52022-04-11
AVEVA System Platform 2020 stores sensitive information in cleartext, which may allow access to an attacker or a low-privileged user.
- CVE-2022-29832LOWCVSS 3.7EG 6.52022-11-25
Cleartext Storage of Sensitive Information in Memory vulnerability in Mitsubishi Electric Corporation GX Works3 versions 1.015R and later, GX Works2 all versions and GX Developer versions 8.40S and later allows a remote unauthenticated att…
- CVE-2022-33918MEDIUMCVSS 5.5EG 5.52022-10-12
Dell GeoDrive, Versions 2.1 - 2.2, contains an information disclosure vulnerability. An authenticated non-admin user could potentially exploit this vulnerability and gain access to sensitive information.
- CVE-2022-46141MEDIUMCVSS 4.2EG 4.22023-12-12
A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) (All versions < V19). An information disclosure vulnerability could allow a local attacker to gain access to the access level password of the SIMATIC S7-1200 and S7-1500 CP…
- CVE-2023-23349LOWCVSS 2.2EG 2.22024-03-22
Kaspersky has fixed a security issue in Kaspersky Password Manager (KPM) for Windows that allowed a local user to recover the auto-filled credentials from a memory dump when the KPM extension for Google Chrome is used. To exploit the issue…
- CVE-2023-3762MEDIUMCVSS 4.3EG 4.32023-07-19
A vulnerability was found in Intergard SGS 8.7.0. It has been classified as problematic. This affects an unknown part. The manipulation leads to cleartext storage of sensitive information in memory. It is possible to initiate the attack re…
- CVE-2023-40724HIGHCVSS 7.3EG 7.32023-09-12
A vulnerability has been identified in QMS Automotive (All versions < V12.39). User credentials are found in memory as plaintext. An attacker could perform a memory dump, and get access to credentials, and use it for impersonation.
- CVE-2023-44153HIGHCVSS 7.5EG 2.22023-09-27
Sensitive information disclosure due to cleartext storage of sensitive information in memory. The following products are affected: Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 35979.
- CVE-2024-25649MEDIUMCVSS 6.7EG 6.72024-03-14
In Delinea PAM Secret Server 11.4, it is possible for an attacker (with Administrator access to the Secret Server machine) to read the following data from a memory dump: the decrypted master key, database credentials (when SQL Server Authe…
- CVE-2024-33900MEDIUMCVSS 6.5EG 6.52024-05-20
KeePassXC 2.7.7 allows an attacker (who has the privileges of the victim) to recover cleartext credentials via a memory dump. NOTE: the vendor disputes this because memory-management constraints make this unavoidable in the current design …
- CVE-2024-33901MEDIUMCVSS 6.5EG 6.52024-05-20
Issue in KeePassXC 2.7.7 allows an attacker (who has the privileges of the victim) to recover some passwords stored in the .kdbx database via a memory dump. NOTE: the vendor disputes this because memory-management constraints make this una…
- CVE-2024-35282MEDIUMCVSS 4.2EG 4.22024-09-10
A cleartext storage of sensitive information in memory vulnerability [CWE-316] affecting FortiClient VPN iOS 7.2 all versions, 7.0 all versions, 6.4 all versions, 6.2 all versions, 6.0 all versions may allow an unauthenticated attacker tha…
- CVE-2024-36792HIGHCVSS 8.2EG 8.22024-06-07
An issue in the implementation of the WPS in Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 allows attackers to gain access to the router's pin.
- CVE-2024-39732MEDIUMCVSS 4.1EG 4.12024-07-14
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 temporarily stores data from different environments that could be obtained by a malicious user. IBM X-Force ID: 295791.
- CVE-2024-9203LOWCVSS 2.5EG 2.52024-09-26
A vulnerability, which was classified as problematic, has been found in Enpass Password Manager up to 6.9.5 on Windows. This issue affects some unknown processing. The manipulation leads to cleartext storage of sensitive information in mem…
- CVE-2026-0857MEDIUMCVSS 6.0EG 6.02026-05-20
Cleartext Storage of Sensitive Information in Memory vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component. This issue affects Meona Client Launcher Component: through 19.06.2020 15:11:49; Meona Server C…
Map vulnerabilities like CWE-316 to your infrastructure
EchelonGraph correlates every CVE — across CWE-316 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →