Lucene search
K

10 matches found

NVD
NVD
added 2026/05/22 2:16 p.m.8 views

CVE-2026-8673

Unprotected transport of credentials vulnerability in syslink software AG Avantra on Linux, Windows allows Sniffing Attacks. This issue affects Avantra: before 25.3.0...

9.1CVSS0.00192EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/22 12:0 a.m.11 views

PT-2026-42764

Name of the Vulnerable Software and Affected Versions Avantra versions prior to 25.3.0 Description An unprotected transport of credentials issue in syslink software AG Avantra on Linux and Windows enables sniffing attacks, where an attacker can intercept sensitive authentication data during...

9.1CVSS5.8AI score0.00192EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/26 8:40 p.m.2 views

CVE-2026-33620

PinchTab is a standalone HTTP server that gives AI agents direct control over a Chrome browser. PinchTab v0.7.8 through v0.8.3 accepted the API token from a token URL query parameter in addition to the Authorization header. When a valid API credential is sent in the URL, it can be exposed through...

4.3CVSS5.8AI score0.00273EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.12 views

PT-2026-28066

Kiteworks is a private data network PDN. In Kiteworks Secure Data Forms prior to version 9.2.1, a misconfiguration of the security attributes could potentially lead to Unprotected Transport of Credentials under certain circumstances. Upgrade Kiteworks to version 9.2.1 or later to receive a patch...

6.5CVSS5.8AI score0.00317EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/24 12:0 a.m.4 views

PT-2026-27627

Name of the Vulnerable Software and Affected Versions PinchTab versions v0.7.8 through v0.8.3 Description PinchTab versions v0.7.8 through v0.8.3 accepted API tokens from both the Authorization header and a token URL query parameter. When a valid API credential was sent in the URL, it could be...

4.3CVSS5.9AI score0.00273EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-7915

Malware in sbrugna...

8.8CVSS8.8AI score0.0072EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 9:0 p.m.6 views

CVE-2021-20826

Unprotected transport of credentials vulnerability in IDEC PLCs FC6A Series MICROSmart All-in-One CPU module v2.32 and earlier, FC6A Series MICROSmart Plus CPU module v1.91 and earlier, WindLDR v8.19.1 and earlier, WindEDIT Lite v1.3.1 and earlier, and Data File Manager v2.12.1 and earlier allows...

7.6CVSS6.8AI score0.0039EPSS
Exploits0References1
OSV
OSV
added 2022/09/02 6:15 p.m.2 views

CVE-2022-34371

Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.3, contain an unprotected transport of credentials vulnerability. A malicious unprivileged network attacker could potentially exploit this vulnerability, leading to full system compromise...

9.8CVSS5.7AI score0.00545EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/09/02 12:0 a.m.5 views

PT-2022-22149 · Dell · Dell Powerscale Onefs

Name of the Vulnerable Software and Affected Versions: Dell PowerScale OneFS versions 9.0.0 up to and including 9.1.0.19 Dell PowerScale OneFS version 9.2.1.12 Dell PowerScale OneFS version 9.3.0.6 Dell PowerScale OneFS version 9.4.0.3 Description: The issue concerns an unprotected transport of...

9.8CVSS9.3AI score0.00545EPSS
Exploits0References4
CVE
CVE
added 2022/08/31 3:33 p.m.51 views

CVE-2022-2005

AutomationDirect C-more EA9 HMI contains a vulnerability in its HTTP webserver that transmits credentials in an insecure, cleartext-like mechanism. Affected products include EA9-T6CL/6CL-R, T7CL/7CL-R, T8CL, T10CL/T10WCL, T12CL, T15CL/T15CL-R, RHMI, PGMSW prior to firmware 6.73. Exploitation coul...

7.5CVSS7.4AI score0.00441EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder