Common Weakness Enumeration

CWE-316

Allowed

Cleartext Storage of Sensitive Information in Memory

Abstraction: Variant · Status: Draft

The product stores sensitive information in cleartext in memory.

62 vulnerabilities reference this CWE, most recent first.

GHSA-JJMC-HPG2-7V48

Vulnerability from github – Published: 2025-06-29 12:31 – Updated: 2025-06-29 12:31
VLAI
Details

Credentials are not cleared from memory after being used. A user with Administrator permissions can execute memory dump for SmartConsole process and fetch them.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-24915"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312",
      "CWE-316"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-06-29T12:15:22Z",
    "severity": "MODERATE"
  },
  "details": "Credentials are not cleared from memory after being used. A user with Administrator permissions can execute memory dump for SmartConsole process and fetch them.",
  "id": "GHSA-jjmc-hpg2-7v48",
  "modified": "2025-06-29T12:31:06Z",
  "published": "2025-06-29T12:31:06Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24915"
    },
    {
      "type": "WEB",
      "url": "https://support.checkpoint.com/results/sk/sk183545"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-JRWF-CCH6-5737

Vulnerability from github – Published: 2025-10-08 18:30 – Updated: 2025-10-08 18:30
VLAI
Details

Cleartext Storage of Sensitive Information in Memory vulnerability in ABB MConfig.This issue affects MConfig: through 1.4.9.21.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-9970"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-316"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-10-08T17:15:35Z",
    "severity": "MODERATE"
  },
  "details": "Cleartext Storage of Sensitive Information in Memory vulnerability in ABB MConfig.This issue affects MConfig: through 1.4.9.21.",
  "id": "GHSA-jrwf-cch6-5737",
  "modified": "2025-10-08T18:30:16Z",
  "published": "2025-10-08T18:30:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9970"
    },
    {
      "type": "WEB",
      "url": "https://search.abb.com/library/Download.aspx?DocumentID=4TZ00000006008\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:L/VI:H/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-M882-67H5-2G42

Vulnerability from github – Published: 2024-03-22 18:30 – Updated: 2024-03-22 18:30
VLAI
Details

Kaspersky has fixed a security issue in Kaspersky Password Manager (KPM) for Windows that allowed a local user to recover the auto-filled credentials from a memory dump when the KPM extension for Google Chrome is used. To exploit the issue, an attacker must trick a user into visiting a login form of a website with the saved credentials, and the KPM extension must autofill these credentials. The attacker must then launch a malware module to steal those specific credentials.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-23349"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-316"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-03-22T17:15:07Z",
    "severity": "LOW"
  },
  "details": "Kaspersky has fixed a security issue in Kaspersky Password Manager (KPM) for Windows that allowed a local user to recover the auto-filled credentials from a memory dump when the KPM extension for Google Chrome is used. To exploit the issue, an attacker must trick a user into visiting a login form of a website with the saved credentials, and the KPM extension must autofill these credentials. The attacker must then launch a malware module to steal those specific credentials.",
  "id": "GHSA-m882-67h5-2g42",
  "modified": "2024-03-22T18:30:31Z",
  "published": "2024-03-22T18:30:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-23349"
    },
    {
      "type": "WEB",
      "url": "https://support.kaspersky.com/vulnerability/list-of-advisories/12430#180324"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-P763-V5VH-F5MG

Vulnerability from github – Published: 2024-06-07 15:30 – Updated: 2024-07-03 18:44
VLAI
Details

An issue in the implementation of the WPS in Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 allows attackers to gain access to the router's pin.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-36792"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-316"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-06-07T15:15:50Z",
    "severity": "HIGH"
  },
  "details": "An issue in the implementation of the WPS in Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 allows attackers to gain access to the router\u0027s pin.",
  "id": "GHSA-p763-v5vh-f5mg",
  "modified": "2024-07-03T18:44:18Z",
  "published": "2024-06-07T15:30:40Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36792"
    },
    {
      "type": "WEB",
      "url": "https://redfoxsec.com/blog/security-advisory-multiple-vulnerabilities-in-netgear-wnr614-router"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-PF56-W9MV-33WC

Vulnerability from github – Published: 2026-02-10 06:30 – Updated: 2026-02-17 15:31
VLAI
Details

In SAP Business One, sensitive information is written to the application�s memory dump files without obfuscation. Gaining access to this information could potentially lead to unauthorized operations within the B1 environment, including modification of company data. This issue results in a high impact on confidentiality and integrity, with no impact on availability.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-24319"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312",
      "CWE-316"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-02-10T04:16:03Z",
    "severity": "MODERATE"
  },
  "details": "In SAP Business One, sensitive information is written to the application\ufffds memory dump files without obfuscation. Gaining access to this information could potentially lead to unauthorized operations within the B1 environment, including modification of company data. This issue results in a high impact on confidentiality and integrity, with no impact on availability.",
  "id": "GHSA-pf56-w9mv-33wc",
  "modified": "2026-02-17T15:31:33Z",
  "published": "2026-02-10T06:30:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24319"
    },
    {
      "type": "WEB",
      "url": "https://me.sap.com/notes/3679346"
    },
    {
      "type": "WEB",
      "url": "https://url.sap/sapsecuritypatchday"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-R649-Q23F-J395

Vulnerability from github – Published: 2025-11-18 18:32 – Updated: 2025-11-18 18:32
VLAI
Details

A Cleartext Storage of Sensitive Information in Memory vulnerability [CWE-316] in Fortinet FortiPAM 1.6.0, FortiPAM 1.5 all versions, FortiPAM 1.4 all versions, FortiPAM 1.3 all versions, FortiPAM 1.2 all versions, FortiPAM 1.1 all versions, FortiPAM 1.0 all versions may allow an authenticated attacker with read-write admin privileges to the CLI to obtain other administrators' credentials via diagnose commands.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-61713"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-316"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-11-18T17:16:07Z",
    "severity": "MODERATE"
  },
  "details": "A Cleartext Storage of Sensitive Information in Memory vulnerability [CWE-316] in Fortinet FortiPAM 1.6.0, FortiPAM 1.5 all versions, FortiPAM 1.4 all versions, FortiPAM 1.3 all versions, FortiPAM 1.2 all versions, FortiPAM 1.1 all versions, FortiPAM 1.0 all versions may allow an authenticated attacker with read-write admin privileges to the CLI to obtain other administrators\u0027 credentials via diagnose commands.",
  "id": "GHSA-r649-q23f-j395",
  "modified": "2025-11-18T18:32:54Z",
  "published": "2025-11-18T18:32:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61713"
    },
    {
      "type": "WEB",
      "url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-789"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-V4HR-6G26-8757

Vulnerability from github – Published: 2025-05-28 18:33 – Updated: 2025-05-28 18:33
VLAI
Details

The TeleMessage service through 2025-05-05 stores certain cleartext information in memory, even though memory content may be accessible to an adversary through various avenues, as exploited in the wild in May 2025.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-48930"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-316"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-28T17:15:25Z",
    "severity": "LOW"
  },
  "details": "The TeleMessage service through 2025-05-05 stores certain cleartext information in memory, even though memory content may be accessible to an adversary through various avenues, as exploited in the wild in May 2025.",
  "id": "GHSA-v4hr-6g26-8757",
  "modified": "2025-05-28T18:33:28Z",
  "published": "2025-05-28T18:33:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48930"
    },
    {
      "type": "WEB",
      "url": "https://www.wired.com/story/how-the-signal-knock-off-app-telemessage-got-hacked-in-20-minutes"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-VXWQ-VCRR-3QJ8

Vulnerability from github – Published: 2024-09-26 18:31 – Updated: 2024-09-26 18:31
VLAI
Details

A vulnerability, which was classified as problematic, has been found in Enpass Password Manager up to 6.9.5 on Windows. This issue affects some unknown processing. The manipulation leads to cleartext storage of sensitive information in memory. An attack has to be approached locally. The complexity of an attack is rather high. The exploitation is known to be difficult. Upgrading to version 6.10.1 is able to address this issue. It is recommended to upgrade the affected component.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-9203"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-316"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-09-26T17:15:04Z",
    "severity": "LOW"
  },
  "details": "A vulnerability, which was classified as problematic, has been found in Enpass Password Manager up to 6.9.5 on Windows. This issue affects some unknown processing. The manipulation leads to cleartext storage of sensitive information in memory. An attack has to be approached locally. The complexity of an attack is rather high. The exploitation is known to be difficult. Upgrading to version 6.10.1 is able to address this issue. It is recommended to upgrade the affected component.",
  "id": "GHSA-vxwq-vcrr-3qj8",
  "modified": "2024-09-26T18:31:45Z",
  "published": "2024-09-26T18:31:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9203"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.278561"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.278561"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.411207"
    },
    {
      "type": "WEB",
      "url": "https://www.enpass.io/release-notes/windows-10-desktop"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-WXWF-H485-H4X8

Vulnerability from github – Published: 2024-03-14 03:31 – Updated: 2024-08-27 21:31
VLAI
Details

In Delinea PAM Secret Server 11.4, it is possible for an attacker (with Administrator access to the Secret Server machine) to read the following data from a memory dump: the decrypted master key, database credentials (when SQL Server Authentication is enabled), the encryption key of RabbitMQ queue messages, and session cookies.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-25649"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-316"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-03-14T03:15:08Z",
    "severity": "MODERATE"
  },
  "details": "In Delinea PAM Secret Server 11.4, it is possible for an attacker (with Administrator access to the Secret Server machine) to read the following data from a memory dump: the decrypted master key, database credentials (when SQL Server Authentication is enabled), the encryption key of RabbitMQ queue messages, and session cookies.",
  "id": "GHSA-wxwf-h485-h4x8",
  "modified": "2024-08-27T21:31:10Z",
  "published": "2024-03-14T03:31:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25649"
    },
    {
      "type": "WEB",
      "url": "https://www.cvcn.gov.it/cvcn/cve/CVE-2024-25649"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-X328-GFW7-CR8V

Vulnerability from github – Published: 2023-09-27 15:30 – Updated: 2023-09-27 15:30
VLAI
Details

Sensitive information disclosure due to cleartext storage of sensitive information in memory. The following products are affected: Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 35979.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-44153"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312",
      "CWE-316"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-09-27T15:19:37Z",
    "severity": "LOW"
  },
  "details": "Sensitive information disclosure due to cleartext storage of sensitive information in memory. The following products are affected: Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 35979.",
  "id": "GHSA-x328-gfw7-cr8v",
  "modified": "2023-09-27T15:30:39Z",
  "published": "2023-09-27T15:30:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44153"
    },
    {
      "type": "WEB",
      "url": "https://security-advisory.acronis.com/advisories/SEC-1994"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.