EUVD-2024-3603

Malicious code in bioql PyPI...

PT-2025-23233 · Unknown · Tinxy Wifi Lock Controller

Name of the Vulnerable Software and Affected Versions: Tinxy WiFi Lock Controller version v1 RF Description: The issue concerns the transmission of sensitive information in plaintext, including control information and device credentials. This allows attackers to possibly intercept and access...

PT-2025-17668 · Byd · Byd Qin Plus Dm-I Dilink Os

Name of the Vulnerable Software and Affected Versions: BYD QIN PLUS DM-i Dilink OS versions v3.0 13.1.7.2204050.1 through v3.0 13.1.7.2312290.1 0 Description: The issue allows attackers to execute a man-in-the-middle attack because the affected software sends broadcasts to the manufacturer's clou...

PT-2025-2644 · Ibm · Ibm Security Verify Access Appliance +1

Name of the Vulnerable Software and Affected Versions: IBM Security Verify Access Appliance and Container versions 10.0.0 through 10.0.8 Description: The issue involves the transmission of sensitive or security-critical data in cleartext in a communication channel that can be detected by...

PT-2024-5033 · Ibm · Ibm Datacap Navigator

Name of the Vulnerable Software and Affected Versions: IBM Datacap Navigator versions 9.1.5 through 9.1.9 Description: The issue is related to the temporary storage of data from different environments in an unencrypted manner, which could be obtained by a malicious user. This could allow an...

PT-2024-23550 · Unknown · Ros Melodic Morenia

Name of the Vulnerable Software and Affected Versions: ROS Robot Operating System Melodic Morenia versions 1 Description: An issue was discovered where the system transmits messages in plaintext, exposing sensitive information and making it vulnerable to man-in-the-middle MitM attacks. This allow...

PT-2024-22902 · Ros2 · Ros2

Name of the Vulnerable Software and Affected Versions: ROS2 Robot Operating System 2 Humble Hawksbill versions 2 Description: An issue was discovered where the system transmits messages in plaintext, allowing attackers to access sensitive information via a man-in-the-middle attack. Recommendation...

PT-2023-24739 · Easyuse · Easyuse Mailhunter Ultimate

Name of the Vulnerable Software and Affected Versions: EasyUse MailHunter Ultimate versions 2023 and earlier Description: The issue allows remote authenticated users to obtain sensitive system information, specifically the absolute path, via an unencrypted VIEWSTATE parameter in the create templa...

PT-2023-18007 · Google · Android Kernel

Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue involves the possible use of unencrypted transport over cellular networks due to an insecure default value, potentially leading to remote information disclosure without requiring additional execution...

PT-2023-3317 · Schneider Electric · Powerlogic Ion7400 +4

Name of the Vulnerable Software and Affected Versions: Schneider Electric PowerLogic ION9000 versions affected versions not specified Schneider Electric PowerLogic ION7400 versions affected versions not specified Schneider Electric PowerLogic PM8000 versions affected versions not specified...

PT-2023-1306 · Moxa · Moxa Sds-3008 Series Industrial Ethernet Switch

Name of the Vulnerable Software and Affected Versions: Moxa SDS-3008 Series Industrial Ethernet Switch version 2.1 Description: A cleartext transmission issue exists in the web application functionality, allowing an attacker to obtain sensitive information by sniffing network traffic. This can le...

PT-2012-3707 · Wellintech · Kingscada

Name of the Vulnerable Software and Affected Versions: WellinTech KingSCADA version 3.0 Description: The issue concerns the storage of passwords in a cleartext base64 format within the user.db file, allowing attackers to obtain sensitive information by reading this file. Recommendations: For...

[CORE SDI ADVISORY] MySQL weak authentication

CORE SDI http://www.core-sdi.com Vulnerability Report for MySQL Authentication Vulnerability Date Published: 2000-10-23 Advisory ID: CORE-20001023 Bugtraq ID: 1826 CVE CAN: Not currently assigned. Title: MySQL Authentication Vulnerability Class: Design Error Remotely Exploitable: Yes Locally...