55 matches found
EUVD-2025-1665
Malicious code in bioql PyPI...
EUVD-2024-48631
Malicious code in bioql PyPI...
CVE-2025-9035
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Horato Internet Technologies Ind. And Trade Inc. Virtual Library Platform allows Reflected XSS. This issue affects Virtual Library Platform: before v202...
CVE-2024-7755
The EWON FLEXY 202 transmits credentials using a weak encoding method base64. An attacker who is present in the network can sniff the traffic and decode the credentials...
Security Bulletin: IBM Storage Protect Server is susceptible to vulnerability in Golang Go (CVE-2023-45288).
Summary Golang Go is used by the IBM Storage Protect Server OSSM component. Golang Go is vulnerable to loss of availability of host system. This bulletin identifies the steps to address the vulnerability. Vulnerability Details CVEID:CVE-2023-45288 DESCRIPTION: An attacker may cause an HTTP/2...
CVE-2025-0432
EWON Flexy 202 transmits user credentials in clear text with no encryption when a user is added, or user credentials are changed via its webpage...
CVE-2025-0432 HMS Networks Ewon Flexy 202 Cleartext Transmission of Sensitive Information
EWON Flexy 202 transmits user credentials in clear text with no encryption when a user is added, or user credentials are changed via its webpage...
CVE-2025-0432 HMS Networks Ewon Flexy 202 Cleartext Transmission of Sensitive Information
EWON Flexy 202 transmits user credentials in clear text with no encryption when a user is added, or user credentials are changed via its webpage...
CVE-2025-0432
EWON Flexy 202 exposes credentials by transmitting them in clear text via the device web page when a user is added or credentials are changed. Root cause: lack of encryption/cleartext transmission. Impact: confidentiality of credentials is HIGH. Several sources corroborate the issue; however, no ...
PT-2025-3886 · Hms Industrial Networks · Ewon Flexy 202
Name of the Vulnerable Software and Affected Versions: EWON Flexy 202 affected versions not specified Description: The issue concerns the transmission of user credentials in clear text without encryption when a user is added or user credentials are changed via the device's webpage. This affects t...
Security Bulletin: Multiple Vulnerabilities in VMware vCenter affect Cloud Pak System [CVE-2024-22274, CVE-2024-22275, CVE-2024-37087]
Summary Vulnerabilities in Broadcom VMware vCenter affect IBM Cloud Pak System. Vulnerability Details CVEID:CVE-2024-22274 DESCRIPTION: Broadcom VMware vCenter Server and Cloud Foundation could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by an...
CVE-2024-7755
The EWON FLEXY 202 transmits credentials using a weak encoding method base64. An attacker who is present in the network can sniff the traffic and decode the credentials...
CVE-2024-7755 HMS Networks EWON FLEXY 202 Insufficiently Protected Credentials
The EWON FLEXY 202 transmits credentials using a weak encoding method base64. An attacker who is present in the network can sniff the traffic and decode the credentials...
CVE-2024-7755
CVE-2024-7755 affects HMS HMS EWON FLEXY 202 gateway (Firmware Version 14.2s0). The root cause is transmission of credentials using a weak encoding (base64), allowing an attacker on the network to sniff and decode credentials. Impact is credential exposure with potential lateral movement or unsup...
CVE-2024-7755 HMS Networks EWON FLEXY 202 Insufficiently Protected Credentials
The EWON FLEXY 202 transmits credentials using a weak encoding method base64. An attacker who is present in the network can sniff the traffic and decode the credentials...
HMS Networks EWON FLEXY 202
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.1 ATTENTION : Exploitable remotely/low attack complexity Vendor : HMS Networks Equipment : EWON FLEXY 202 Vulnerability : Insufficiently Protected Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to sniff...
PT-2024-38563 · Unknown · Ewon Flexy 202
Name of the Vulnerable Software and Affected Versions: EWON FLEXY 202 affected versions not specified Description: The issue concerns the transmission of credentials using a weak encoding method, specifically base64. An attacker present in the network can intercept the traffic and decode the...
Code injection
An issue in 202 ecommerce Advanced Loyalty Program: Loyalty Points before v2.3.4 for PrestaShop allows unauthenticated attackers to arbitrarily change an order status...
CVE-2023-48926
An issue in 202 ecommerce Advanced Loyalty Program: Loyalty Points before v2.3.4 for PrestaShop allows unauthenticated attackers to arbitrarily change an order status...
CVE-2023-48926
CVE-2023-48926 affects the PrestaShop extension: 202 ecommerce Advanced Loyalty Program, Loyalty Points before v2.3.4. The vulnerability allows unauthenticated attackers to arbitrarily change an order status. Documents cite a CVSS v3.1 base score of 5.3 (Medium) with impact limited to integrity. ...