EUVD-2017-3327

Malware in sbrugna...

EUVD-2013-2980

Malware in sbrugna...

CVE-2024-12086

A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare wi...

The vulnerability of the client-server data processing and technical operations control application Proficy HMI/SCADA CIMPLICITY, related to the transmission of data in an open format, allows attackers to perform spoofing attacks.

The vulnerability of the client-server data processing and technical operations control application Proficy HMI/SCADA CIMPLICITY lies in the transmission of data in an open manner. Exploiting this vulnerability can allow attackers to carry out spoofing attacks...

CVE-2016-5133

Removed by vendor...

Information disclosure

Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 allows man-in-the-middle attackers to obtain sensitive cleartext information via vectors involving injection of cleartext data into the client-server data stream, aka "TLS/SSL Information Disclosure Vulnerability."...

CVE-2016-2346

Allround Automations PL/SQL Developer 11 before 11.0.6 relies on unverified HTTP data for updates, which allows man-in-the-middle attackers to execute arbitrary code by modifying fields in the client-server data stream...

CVE-2016-2346

Allround Automations PL/SQL Developer 11 before 11.0.6 relies on unverified HTTP data for updates, which allows man-in-the-middle attackers to execute arbitrary code by modifying fields in the client-server data stream...

CVE-2016-1948

Mozilla Firefox before 44.0 on Android does not ensure that HTTPS is used for a lightweight-theme installation, which allows man-in-the-middle attackers to replace a theme's images and colors by modifying the client-server data stream...

CVE-2015-1595

The Siemens SPCanywhere application for Android and iOS does not use encryption during lookups of system ID to IP address mappings, which allows man-in-the-middle attackers to discover alarm IP addresses and spoof servers by intercepting the client-server data stream...

CVE-2014-1242

Apple iTunes before 11.1.4 uses HTTP for the iTunes Tutorials window, which allows man-in-the-middle attackers to spoof content by gaining control over the client-server data stream...

CVE-2013-6427

upgrade.py in the hp-upgrade service in HP Linux Imaging and Printing HPLIP 3.x through 3.13.11 launches a program from an http URL, which allows man-in-the-middle attackers to execute arbitrary code by gaining control over the client-server data stream...

CVE-2013-6427

upgrade.py in the hp-upgrade service in HP Linux Imaging and Printing HPLIP 3.x through 3.13.11 launches a program from an http URL, which allows man-in-the-middle attackers to execute arbitrary code by gaining control over the client-server data stream...