180 matches found
Authentication flaw
The Voo branded NETGEAR CG3700b custom firmware V2.02.03 uses HTTP Basic Authentication over cleartext HTTP...
CVE-2019-13394
The CVE-2019-13394 entry affects the Voo-branded NETGEAR CG3700b custom firmware (V2.02.03). The vulnerability is that HTTP Basic Authentication is used over cleartext HTTP, causing credentials to be transmitted unencrypted. This exposes confidentiality (and potentially integrity) of credentials ...
CVE-2017-18641
In LXC 2.0, many template scripts download code over cleartext HTTP, and omit a digital-signature check, before running it to bootstrap containers...
Code injection
In LXC 2.0, many template scripts download code over cleartext HTTP, and omit a digital-signature check, before running it to bootstrap containers...
CVE-2017-18641
In LXC 2.0, many template scripts download code over cleartext HTTP, and omit a digital-signature check, before running it to bootstrap containers...
CVE-2017-18641
In LXC 2.0, many template scripts download code over cleartext HTTP, and omit a digital-signature check, before running it to bootstrap containers...
CVE-2020-7213
Parallels 13 uses cleartext HTTP as part of the update process, allowing man-in-the-middle attacks. Users of out-of-date versions are presented with a pop-up window for a parallelsupdates.xml file on the http://update.parallels.com web site...
Code injection
Parallels 13 uses cleartext HTTP as part of the update process, allowing man-in-the-middle attacks. Users of out-of-date versions are presented with a pop-up window for a parallelsupdates.xml file on the http://update.parallels.com web site...
CVE-2020-7213
Parallels 13 uses cleartext HTTP as part of the update process, allowing man-in-the-middle attacks. Users of out-of-date versions are presented with a pop-up window for a parallelsupdates.xml file on the http://update.parallels.com web site...
CVE-2019-19890
An issue was discovered on Humax Wireless Voice Gateway HGB10R-2 201608171855 devices. Admin credentials are sent over cleartext HTTP...
Design/Logic Flaw
An issue was discovered on Humax Wireless Voice Gateway HGB10R-2 201608171855 devices. Admin credentials are sent over cleartext HTTP...
CVE-2019-19890
An issue was discovered on Humax Wireless Voice Gateway HGB10R-2 201608171855 devices. Admin credentials are sent over cleartext HTTP...
CVE-2019-19316
When using the Azure backend with a shared access signature SAS, Terraform versions prior to 0.12.17 may transmit the token and state snapshot using cleartext HTTP...
Design/Logic Flaw
When using the Azure backend with a shared access signature SAS, Terraform versions prior to 0.12.17 may transmit the token and state snapshot using cleartext HTTP...
CVE-2019-19316
When using the Azure backend with a shared access signature SAS, Terraform versions prior to 0.12.17 may transmit the token and state snapshot using cleartext HTTP...
CVE-2019-14959
JetBrains Toolbox before 1.15.5605 was resolving an internal URL via a cleartext http connection...
Design/Logic Flaw
JetBrains Toolbox before 1.15.5605 was resolving an internal URL via a cleartext http connection...
CVE-2019-14959
JetBrains Toolbox before 1.15.5605 was resolving an internal URL via a cleartext http connection...
CVE-2019-14954
JetBrains IntelliJ IDEA before 2019.2 was resolving the markdown plantuml artifact download link via a cleartext http connection...
CVE-2019-13140
Inteno EG200 EG200-WU7P1UADAMO3.16.4-1902261650 routers have a JUCI ACL misconfiguration that allows the "user" account to extract the 3DES key via JSON commands to ubus. The 3DES key is used to decrypt the provisioning file provided by Adamo Telecom on a public URL via cleartext HTTP...