Avantra 安全漏洞

Avantra is a SAP software developed by the Avantra company. Versions of Avantra prior to 25.3.0 contained security vulnerabilities. These vulnerabilities stemmed from unprotected credential transmission, which could lead to sniffing attacks...

curl 安全漏洞

curl is an open-source tool developed by cURL for transferring data from a server or to a server. Curl has a security vulnerability that stems from an error in proxy credential transmission, which may lead to the incorrect transmission of credentials from one proxy to another...

CVE-2026-27752

SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 transmit authentication credentials over unencrypted HTTP, allowing attackers to capture credentials. An attacker positioned to observe network traffic between a user and the device can intercept credentials and reuse them to gain...

PT-2025-50291

ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Insufficiently Protected Credentials vulnerability that could result in limited unauthorized write access. An attacker could leverage this vulnerability to gain unauthorized access by exploiting improperly stored or...

EUVD-2020-4377

Malware in sbrugna...

EUVD-2019-15080

Malware in sbrugna...

EUVD-2024-46811

Malicious code in bioql PyPI...

EUVD-2025-18665

Malicious code in bioql PyPI...

CVE-2025-54156

The Sante PACS Server Web Portal sends credential information without encryption...

CVE-2025-54156 Santesoft Sante PACS Server Cleartext Transmission of Sensitive Information

The Sante PACS Server Web Portal sends credential information without encryption...

CVE-2025-36020

IBM Guardium Data Protection could allow a remote attacker to obtain sensitive information due to cleartext transmission of sensitive credential information...

CVE-2025-26199

CloudClassroom-PHP-Project v1.0 is affected by an insecure credential transmission vulnerability. The application transmits passwords over unencrypted HTTP during the login process, exposing sensitive credentials to potential interception by network-based attackers. A remote attacker with access ...

CVE-2025-3480 MedDream WEB DICOM Viewer Cleartext Transmission of Credentials Information Disclosure Vulnerability

MedDream WEB DICOM Viewer Cleartext Transmission of Credentials Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of MedDream WEB DICOM Viewer. Authentication is not required to exploit this...

Pixmeo OsiriX MD 安全漏洞

Pixmeo OsiriX MD is a medical image processing software from Pixmeo designed for DICOM image analysis and 3D reconstruction. A security vulnerability exists in Pixmeo OsiriX MD that stems from unencrypted transmission of credential information, which could lead to credential disclosure...

JetBrains Toolbox App < 2.6 Multiple Vulnerabilities

The version of JetBrains Toolbox App installed on the remote host is prior to 2.6. It is, therefore, affected by multiple vulnerabilities: - In JetBrains Toolbox App before 2.6 command injection in SSH plugin was possible CVE-2025-43012 - In JetBrains Toolbox App before 2.6 host key verification...

CVE-2025-43013

In JetBrains Toolbox App before 2.6 unencrypted credential transmission during SSH authentication was possible...

CVE-2025-43013

JetBrains Toolbox App prior to version 2.6 is affected by CVE-2025-43013 due to unencrypted credential transmission during SSH authentication. The issue is documented across multiple sources (Red Hat, NVD, CNVD, Nessus plugin, and PT Security) and is tied specifically to the SSH plugin’s handling...

Hitachi Vantara Pentaho Data Integration & Analytics 安全漏洞

Hitachi Vantara Pentaho Data Integration & Analytics is a data integration and analytics system from Hitachi, Ltd Hitachi, Japan. A security vulnerability exists in Hitachi Vantara Pentaho Data Integration & Analytics that stems from the use of an insecure method of transmitting authentication...

PT-2024-13897 · Ibm · Ibm Cics Transaction Gateway For Multiplatforms

Name of the Vulnerable Software and Affected Versions: IBM CICS Transaction Gateway for Multiplatforms versions 9.2 through 9.3 Description: The issue concerns the transmission and storage of authentication credentials by the software, which uses an insecure method. This makes the credentials...

IBM CICS Transaction Gateway 安全漏洞

IBM CICS Transaction Gateway is a connector for modernizing enterprise CICS assets from International Business Machines IBM. An information disclosure vulnerability exists in IBM CICS Transaction Gateway for Multiplatforms that stems from not using a secure method of transmitting or storing...