Lucene search
K

55 matches found

ATTACKERKB
ATTACKERKB
added 2026/01/20 9:36 p.m.2 views

CVE-2025-58742

Insufficiently Protected Credentials, Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the Connection Settings dialog in Milner ImageDirector Capture on Windows allows Adversary in the Middle AiTM by modifying the 'Server' field to redirect client...

8.5CVSS5.4AI score0.00162EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/20 9:36 p.m.6 views

CVE-2025-58742 Insufficient Configuration Protections Enable Database Credential Interception in Milner ImageDirector Capture

Insufficiently Protected Credentials, Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the Connection Settings dialog in Milner ImageDirector Capture on Windows allows Adversary in the Middle AiTM by modifying the 'Server' field to redirect client...

8.5CVSS5.5AI score0.00162EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/20 9:36 p.m.19 views

CVE-2025-58742 Insufficient Configuration Protections Enable Database Credential Interception in Milner ImageDirector Capture

Insufficiently Protected Credentials, Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the Connection Settings dialog in Milner ImageDirector Capture on Windows allows Adversary in the Middle AiTM by modifying the 'Server' field to redirect client...

8.5CVSS0.00162EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/20 12:0 a.m.11 views

PT-2026-3667

Name of the Vulnerable Software and Affected Versions Milner ImageDirector Capture versions 7.0.9 through 7.6.3.25808 Description A security issue exists in the Connection Settings dialog of Milner ImageDirector Capture that allows an Adversary in the Middle AiTM attack. This occurs because the...

8.5CVSS5.4AI score0.00162EPSS
Exploits0References4
CVE
CVE
added 2025/10/27 12:0 a.m.22 views

CVE-2025-60291

The CVE-2025-60291 issue affects eTimeTrackLite Web (version 12.0 and earlier, as of 20250704) and is caused by a permission-control flaw that lets unauthenticated attackers access certain routes and alter database connection configurations. Multiple sources (Red Hat, ENISA/EUVD, CIRCL, NVD, CNNV...

9.1CVSS6.4AI score0.00305EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/10/27 12:0 a.m.10 views

CVE-2025-60291

An issue was discovered in eTimeTrackLite Web thru 12.0 20250704. There is a permission control flaw that allows unauthorized attackers to access specific routes and modify database connection configurations...

0.00305EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-2462

Malware in sbrugna...

9.8CVSS9.2AI score0.01793EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-51122

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.01057EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/05 12:0 a.m.12 views

CVE-2025-47228

In the Production Environment extension in Netmake ScriptCase through 9.12.006 23, shell injection in the SSH connection settings allows authenticated attackers to execute system commands via crafted HTTP requests...

6.7CVSS0.14441EPSS
Exploits5References3
CVE
CVE
added 2025/07/05 12:0 a.m.45 views

CVE-2025-47228

CVE-2025-47228 affects Netmake ScriptCase, Production Environment extension, up to version 9.12.006(23). A shell injection flaw exists in the SSH connection settings that, when paired with authenticated access and crafted HTTP requests, allows an attacker to execute system commands on the server....

6.7CVSS7.1AI score0.14441EPSS
Exploits5References3
RedhatCVE
RedhatCVE
added 2025/05/22 4:57 p.m.5 views

CVE-2020-0177

In connect of PanService.java, there is a possible permissions bypass. This could lead to local escalation of privilege to change network connection settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android...

5.5CVSS7.1AI score0.00132EPSS
Exploits0References1
OSV
OSV
added 2025/04/25 3:12 p.m.6 views

GHSA-95FC-G4GJ-MQMX Steve doesn’t verify a server’s certificate and is susceptible to man-in-the-middle (MitM) attacks

Impact A vulnerability has been identified in Steve where by default it was using an insecure option that did not validate the certificate presented by the remote server while performing a TLS connection. This could allow the execution of a man-in-the-middle MitM attack against services using...

8CVSS6.4AI score0.00296EPSS
Exploits0References3
CVE
CVE
added 2025/02/11 1:56 p.m.67 views

CVE-2025-26492

JetBrains TeamCity is affected when deployed with versions prior to 2024.12.2. The vulnerability stems from improper Kubernetes connection settings that could allow exposure of sensitive resources. Multiple connected sources (CNVD-2025-13414, RH: CVE-2025-26492, and Nessus plugin TEAMCITY_2024_12...

9.1CVSS7.5AI score0.00404EPSS
Exploits0References1Affected Software1
Github Security Blog
Github Security Blog
added 2024/09/17 9:30 p.m.32 views

Apache Druid: Users can provide MySQL JDBC properties not on allow list

Apache Druid allows users with certain permissions to read data from other database systems using JDBC. This functionality allows trusted users to set up Druid lookups or run ingestion tasks. Druid also allows administrators to configure a list of allowed properties that users are able to provide...

6.5CVSS6.1AI score0.00626EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2024/05/29 1:29 p.m.21 views

CVE-2024-36370

In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 stored XSS via OAuth connection settings was possible...

4.6CVSS5.7AI score0.00267EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/29 1:29 p.m.28 views

CVE-2024-36370

In JetBrains TeamCity before 2022.04.7, 2022.10.6, 2023.05.6, 2023.11.5 stored XSS via OAuth connection settings was possible...

4.6CVSS4.5AI score0.00267EPSS
Exploits0References1
Citrix
Citrix
added 2024/01/17 12:0 a.m.14 views

How to modify the HTTP/HTTPS port while connecting to the management IP of Netscaler?

Regarding modify the HTTP/HTTPS port when connecting to the management IP of Netscaler...

7.1AI score
Exploits0
Citrix
Citrix
added 2023/08/20 12:0 a.m.8 views

Azure VDAs are shown as "power state: unknown" in Studio

Power state in Studio toggles between "unknown" and "on" or "off" for VMs hosted in Azure. You may find the below entries in the hosting connection test or in the CDF traces Error: Invalid connection settings. System.IO.FileNotFoundException: Could not load file or assembly 'System.Net.Http,...

7.2AI score
Exploits0
Citrix
Citrix
added 2023/08/19 12:0 a.m.8 views

What Proxy will be used by Citrix Workspace App

Which proxy does the Citrix Receiver/Workspace app use for these settings and if this registry key is mentioned: HKEYCURRENTUSER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings The 9th value contains the proxy setting. The value could be: 09 when...

7AI score
Exploits0
CVE
CVE
added 2023/03/27 3:27 p.m.65 views

CVE-2022-48426

CVE-2022-48426 affects JetBrains TeamCity versions prior to 2022.10.3. The vulnerability is a stored XSS in Perforce connection settings , as confirmed by multiple sources (NVD entry and security analyses). Impact is limited to XSS exposure via Perforce settings; exploitation status is not detail...

5.4CVSS5.2AI score0.01057EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder