Lucene search
K

92 matches found

EUVD
EUVD
added 2025/10/31 12:30 a.m.7 views

EUVD-2025-37222

Nagios Log Server versions prior to 2024R2.0.2 contain a vulnerability in the cluster manager component when requesting sensitive credentials from peer nodes over an unencrypted channel even when SSL/TLS is enabled in the product configuration. As a result, an attacker positioned on the network...

8.7CVSS6.2AI score0.00678EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/10/31 12:0 a.m.6 views

PT-2025-44646

Name of the Vulnerable Software and Affected Versions BRAIN2 affected versions not specified Description When using domain users as BRAIN2 users, communication with Active Directory services is unencrypted. This allows for the interception of authentication data, potentially compromising...

8.4CVSS6.5AI score0.00192EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/10/14 12:0 a.m.3 views

Phoenix Contact QUINT4-UPS/24DC/24DC/10/EIP 安全漏洞

The Phoenix Contact QUINT4-UPS/24DC/24DC/10/EIP is an industrial grade DC uninterruptible power supply module from Phoenix Contact, Germany. A security vulnerability exists in the Phoenix Contact QUINT4-UPS/24DC/24DC/10/EIP that originates from an unauthenticated, remote attacker who can obtain...

6.8CVSS6.8AI score0.00423EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-3194

Malware in sbrugna...

7.1CVSS7AI score0.01559EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-16349

Malicious code in bioql PyPI...

7.1CVSS6.7AI score0.00413EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-1253

Malicious code in bioql PyPI...

5.9CVSS6.8AI score0.04561EPSS
Exploits0References18
CNNVD
CNNVD
added 2025/09/29 12:0 a.m.6 views

Vasion Print Virtual Appliance Host 安全漏洞

Vasion Print Virtual Appliance Host is a print management software from Vasion USA. A security vulnerability exists in Vasion Print Virtual Appliance Host versions prior to 22.0.1049, which stems from the fact that private and public key certificates are stored in clear text, which could lead to...

9.3CVSS6.4AI score0.00367EPSS
Exploits1References4
NVD
NVD
added 2025/09/18 10:15 p.m.6 views

CVE-2025-54810

Cognex In-Sight Explorer and In-Sight Camera Firmware expose a proprietary protocol on TCP port 1069 to perform management operations such as modifying system properties. The user management functionality handles sensitive data such as registered usernames and passwords over an unencrypted channe...

8.6CVSS0.00184EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/18 9:28 p.m.3 views

CVE-2025-54810 Cognex In-Sight Explorer and In-Sight Camera Firmware Authentication Bypass by Capture-replay

Cognex In-Sight Explorer and In-Sight Camera Firmware expose a proprietary protocol on TCP port 1069 to perform management operations such as modifying system properties. The user management functionality handles sensitive data such as registered usernames and passwords over an unencrypted channe...

8.6CVSS6.7AI score0.00184EPSS
Exploits0References1
CVE
CVE
added 2025/09/18 9:28 p.m.17 views

CVE-2025-54810

CVE-2025-54810 affects Cognex In-Sight Explorer and In-Sight Camera Firmware. A proprietary protocol on TCP port 1069 handles management operations, including changing system properties. User management data (usernames and passwords) are transmitted over an unencrypted channel, enabling an adjace...

8.6CVSS6.7AI score0.00184EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/18 12:0 a.m.5 views

PT-2025-38491

Name of the Vulnerable Software and Affected Versions Cognex In-Sight Explorer and In-Sight Camera Firmware affected versions not specified Description The software exposes a proprietary protocol on TCP port 1069 for management operations, including modifying system properties. The user managemen...

8.6CVSS6.4AI score0.00137EPSS
Exploits0References5
ICS
ICS
added 2025/08/28 6:0 a.m.4 views

Mitsubishi Electric MELSEC iQ-F Series CPU Module

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker the ability to obtain credential information by intercepting SLMP communication messages, and read or write the device values of the product by using the obtained credential information. In addition, the...

7.5CVSS6.2AI score0.00311EPSS
Exploits0References10
Vulnrichment
Vulnrichment
added 2025/08/14 1:39 p.m.3 views

CVE-2025-7774 Rockwell Automation ArmorBlock 5000 I/O – Web Server Vulnerabilities

A security issue exists within the 5032 16pt Digital Configurable module’s web server. Intercepted session credentials can be used within a 3-minute timeout window, allowing unauthorized users to perform privileged actions...

8.8CVSS7AI score0.00382EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:18 a.m.18 views

CVE-2023-41926

The webserver utilizes basic authentication for its user login to the configuration interface. As encryption is disabled on port 80, it enables potential eavesdropping on user traffic, making it possible to intercept their credentials...

8.8CVSS7.2AI score0.00261EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/04 11:37 p.m.9 views

CVE-2024-40714

An improper certificate validation vulnerability in TLS certificate validation allows an attacker on the same network to intercept sensitive credentials during restore operations...

8.3CVSS6.7AI score0.00336EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/09/07 4:11 p.m.23 views

CVE-2024-40714

An improper certificate validation vulnerability in TLS certificate validation allows an attacker on the same network to intercept sensitive credentials during restore operations...

8.3CVSS6.7AI score0.00336EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/09/07 12:0 a.m.5 views

Veeam Backup & Replication 安全漏洞

Veeam Backup & Replication is a backup and replication software from Veeam USA. A security vulnerability exists in Veeam Backup & Replication version 12.1.2.172 and prior versions 12, which originates from incorrectly validating TLS certificates, allowing an attacker on the same network to...

8.3CVSS8.1AI score0.00336EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/07/02 12:0 a.m.4 views

PT-2024-13015 · Kiloview · P1/P2 +2

Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned Description: The issue concerns the use of basic authentication for user login to the configuration interface of a webserver. Since encryption is disabled on port 80, this setup allows potential...

8.8CVSS7.2AI score0.00261EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/07/02 12:0 a.m.3 views

Kiloview P1 4G Video Encoder and P2 4G Video Encoder Security Vulnerabilities

Kiloview P1 4G Video Encoder and Kiloview P2 4G Video Encoder are both professional video encoder devices from China-based Kiloview. A security vulnerability exists in the Kiloview P1 4G Video Encoder and Kiloview P2 4G Video Encoder, which stems from disabling encryption on port 80, which may...

8.8CVSS6.9AI score0.00261EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/05/17 12:0 a.m.7 views

HCL BigFix Platform 安全漏洞

HCL Technologies HCL BigFix Platform is a suite of endpoint security management platform from HCL Technologies, USA. The platform supports automated discovery, management and remediation of endpoint security issues. A security vulnerability exists in the HCL BigFix Platform that stems from the...

6.7CVSS6.7AI score0.00157EPSS
Exploits0References2
Rows per page
Query Builder