CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

180 matches found

CVE-2026-43625 CodexBar < 0.32.0 Session Cookie Exposure via HTTP Redirect

CodexBar prior to 0.32.0 contains a session cookie leakage vulnerability that allows network attackers to intercept imported browser session cookies by exploiting improper redirect handling for Amp and Ollama provider sessions. Attackers can position themselves on the network path to receive...

8.2CVSS0.00021EPSS

Exploits0References4

RedhatCVE•added 2026/03/27 2:26 p.m.•3 views

CVE-2021-27209

In the management interface on TP-Link Archer C5v 1.7181221 devices, credentials are sent in a base64 format over cleartext HTTP...

7.1CVSS7AI score0.00024EPSS

Exploits1References1

Vulnrichment•added 2026/03/17 9:42 p.m.•2 views

CVE-2026-32838 Edimax GS-5008PL <= 1.00.54 Transmits Credentials Over Cleartext HTTP

Edimax GS-5008PL firmware version 1.00.54 and prior use cleartext HTTP for the web management interface without implementing TLS or SSL encryption. Attackers on the same network can intercept management traffic to capture administrator credentials and sensitive configuration data...

8.7CVSS5.8AI score0.00007EPSS

Exploits0References3

Cvelist•added 2026/03/17 9:42 p.m.•13 views

CVE-2026-32838 Edimax GS-5008PL <= 1.00.54 Transmits Credentials Over Cleartext HTTP

8.7CVSS0.00007EPSS

Exploits0References3

RedhatCVE•added 2026/01/09 11:29 a.m.•5 views

CVE-2021-27574

An issue was discovered in Emote Remote Mouse through 4.0.0.0. It uses cleartext HTTP to check, and request, updates. Thus, attackers can machine-in-the-middle a victim to download a malicious binary in place of the real update, with no SSL errors or warnings...

8.1CVSS7AI score0.00203EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 11:13 a.m.•2 views

CVE-2016-10933

An issue was discovered in the portaudio crate through 0.7.0 for Rust. There is a man-in-the-middle issue because the source code is downloaded over cleartext HTTP...

5.9CVSS7AI score0.00242EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:33 a.m.•6 views

CVE-2017-18641

In LXC 2.0, many template scripts download code over cleartext HTTP, and omit a digital-signature check, before running it to bootstrap containers...

9.3CVSS7AI score0.00346EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:59 a.m.•5 views

CVE-2020-7213

Parallels 13 uses cleartext HTTP as part of the update process, allowing man-in-the-middle attacks. Users of out-of-date versions are presented with a pop-up window for a parallelsupdates.xml file on the http://update.parallels.com web site...

7.6CVSS7AI score0.00248EPSS

Exploits1References1

Tenable Nessus•added 2025/11/13 12:0 a.m.•2 views

Siemens SIMATIC S7-1500 Cleartext Transmission of Sensitive Information (CVE-2023-23915)

A cleartext transmission of sensitive information vulnerability exists in curl v7.88.0 that could cause HSTS functionality to behave incorrectly when multiple URLs are requested in parallel. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP...

6.5CVSS6.7AI score0.00039EPSS

Exploits0References4