
42 matches found

CNNVD
added 2024/03/31 12:00 a.m. · 3 views

IBM Security Verify Access Security Vulnerability

IBM Security Verify Access (ISAM) is a service from International Business Machines (IBM) that improves user access security. The service enables secure and simple access to platforms such as the Web, mobile, IoT and cloud using risk-based access, single sign-on, integrated access management controls...

CVSS 6.2 · AI score 5.9 · EPSS 0.00024
Exploits 1 · References 3

OSV
added 2024/03/12 9:15 a.m. · 0 views

CVE-2024-26288

An unauthenticated remote attacker can influence the communication due to the lack of encryption of sensitive data via a MITM. Charging is not affected...

CVSS 8.7 · AI score 5.8 · EPSS 0.0008
Exploits 0 · References 1

CNNVD
added 2024/02/20 12:00 a.m. · 2 views

Cilium Security Vulnerabilities

Cilium is an open source software. It is used to provide and transparently protect network connectivity and load balancing between application workloads such as application containers or processes. A security vulnerability exists in versions of Cilium prior to v1.14.7 that stems from traffic...

CVSS 6.1 · AI score 6.7 · EPSS 0.00051
Exploits 0 · References 5

RedHat Linux
added 2023/09/04 3:59 p.m. · 3 views

Mozilla: Push notifications saved to disk unencrypted

The Mozilla Foundation Security Advisory describes this flaw as: Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information...

CVSS 6.5 · AI score 7.2 · EPSS 0.00069
Exploits 0 · References 5

RedHat Linux
added 2023/09/04 3:53 p.m. · 1 view

Mozilla: Push notifications saved to disk unencrypted

The Mozilla Foundation Security Advisory describes this flaw as: Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information...

CVSS 6.5 · AI score 7.2 · EPSS 0.00069
Exploits 0 · References 5

Positive Technologies
added 2023/08/16 12:00 a.m. · 5 views

PT-2023-29010 · Maximatech · Maximatech Portal Executivo

Name of the Vulnerable Software and Affected Versions: MaximaTech Portal Executivo version 21.9.1.140 Description: A vulnerability has been found in the Cookie Handler component, leading to missing encryption of sensitive data. The attack can be initiated remotely, with a rather high complexity a...

CVSS 5.9 · AI score 6.6 · EPSS 0.0005
Exploits 1 · References 8

OSV
added 2023/08/15 8:15 p.m. · 0 views

CVE-2023-39841

Missing encryption in the RFID tag of Etekcity 3-in-1 Smart Door Lock v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device...

CVSS 4.6 · AI score 5.8 · EPSS 0.00014
Exploits 1 · References 1

ATTACKERKB
added 2023/08/15 8:15 p.m. · 1 view

CVE-2023-39841

Missing encryption in the RFID tag of Etekcity 3-in-1 Smart Door Lock v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device...

CVSS 4.6 · AI score 5.8 · EPSS 0.00014
Exploits 1 · References 2

OSV
added 2023/08/15 8:15 p.m. · 0 views

CVE-2023-39842

Missing encryption in the RFID tag of Digoo DG-HAMB Smart Home Security System v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device...

CVSS 2.4 · AI score 5.8 · EPSS 0.00014
Exploits 1 · References 1

Vulnrichment
added 2023/08/15 12:00 a.m. · 0 views

CVE-2023-39842

Missing encryption in the RFID tag of Digoo DG-HAMB Smart Home Security System v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device...

AI score 5.2 · EPSS 0.00014
Exploits 1 · References 1

OSV
added 2023/08/08 3:15 p.m. · 0 views

CVE-2023-36136

PHPJabbers Class Scheduling System 1.0 lacks encryption on the password when editing a user account update user page allowing an attacker to capture all user names and passwords in clear text...

CVSS 6.5 · AI score 5.8
Exploits 0 · References 2

ATTACKERKB
added 2023/08/08 3:15 p.m. · 0 views

CVE-2023-36136

PHPJabbers Class Scheduling System 1.0 lacks encryption on the password when editing a user account update user page allowing an attacker to capture all user names and passwords in clear text...

CVSS 6.5 · AI score 5.8 · EPSS 0.00048
Exploits 0 · References 4

CNNVD
added 2023/08/08 12:00 a.m. · 1 view

Class Scheduling System Security Vulnerability

Class Scheduling System is a class scheduling system by jkev individual developers. A security vulnerability exists in PHPJabbers Class Scheduling System version 1.0, which stems from a lack of password encryption when editing a user account updating a user's page, which allows an attacker to...

CVSS 6.5 · AI score 6.9 · EPSS 0.00048
Exploits 0 · References 3

Positive Technologies
added 2023/03/22 12:00 a.m. · 3 views

PT-2023-8821 · Ibm · Ibm Watson Cp4D Data Stores

Name of the Vulnerable Software and Affected Versions: IBM Watson CP4D Data Stores versions 4.6.0 through 4.6.3 Description: The issue is related to the lack of encryption for sensitive or critical information before storage or transmission, which could allow an attacker to obtain sensitive...

CVSS 7.5 · AI score 7.2 · EPSS 0.00031
Exploits 0 · References 9

Github Security Blog
added 2022/12/30 12:30 p.m. · 8 views

Macaron csrf missing encryption and has sensitive cookies in HTTP session without secure attribute

A vulnerability was found in Macaron csrf and classified as problematic. Affected by this issue is some unknown functionality of the file csrf.go. The manipulation of the argument Generate leads to sensitive cookie without secure attribute. The attack may be launched remotely. The name of the pat...

CVSS 7.5 · AI score 0.9 · EPSS 0.0016
Exploits 0 · References 7 · Affected Software 1

OSV
added 2022/10/19 2:15 a.m. · 0 views

CVE-2022-35860

Missing AES encryption in Corsair K63 Wireless 3.1.3 allows physically proximate attackers to inject and sniff keystrokes via 2.4 GHz radio transmissions...

CVSS 6.8 · AI score 5.8
Exploits 0 · References 3

CNNVD
added 2022/10/19 12:00 a.m. · 1 view

Corsair K63 Mechanical Gaming Keyboard Security Vulnerability

Corsair K63 Mechanical Gaming Keyboard is a wireless gaming keyboard from Corsair. A security vulnerability exists in the Corsair K63 Mechanical Gaming Keyboard version 3.1.3, which stems from a lack of AES encryption...

CVSS 6.8 · AI score 6.6 · EPSS 0.00051
Exploits 1 · References 4

OSV
added 2022/01/21 7:15 p.m. · 1 view

CVE-2021-41835

Fresenius Kabi Agilia Link + version 3.0 does not enforce transport layer encryption. Therefore, transmitted data may be sent in cleartext. Transport layer encryption is offered on Port TCP/443, but the affected service does not perform an automated redirect from the unencrypted service on Port...

CVSS 7.5 · AI score 7.1
Exploits 0 · References 1

OSV
added 2020/06/29 2:15 p.m. · 0 views

CVE-2019-18254

BIOTRONIK CardioMessenger II, The affected products do not encrypt sensitive information while at rest. An attacker with physical access to the CardioMessenger can disclose medical measurement data and the serial number from the implanted cardiac device the CardioMessenger is paired with...

CVSS 4.6 · AI score 5.8
Exploits 0 · References 1

OSV
added 2020/03/19 6:15 p.m. · 1 view

ALPINE-CVE-2019-16062

NETSAS Enigma NMS 65.0.0 and prior does not encrypt sensitive data stored within the SQL database. It is possible for an attacker to expose unencrypted sensitive data...

CVSS 6.5 · AI score 7.3 · EPSS 0.00167
Exploits 1 · References 1