Lucene search
K

13 matches found

CVE
CVE
added 2026/06/10 1:55 p.m.23 views

CVE-2026-53475

CVE-2026-53475 affects the assisted-migration-agent. The component hardcodes insecure TLS connections when communicating with vCenter, enabling a Man-in-the-Middle (MITM) attacker to intercept and harvest vCenter administrator credentials, potentially granting unauthorized access to vCenter. The ...

9.3CVSS5.4AI score0.00253EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.10 views

PT-2026-48448

A flaw was found in assisted-migration-agent. The application hardcodes insecure Transport Layer Security TLS connections when communicating with vCenter. This vulnerability allows a Man-in-the-Middle MITM attacker to intercept and harvest vCenter administrator credentials. This can lead to...

9.3CVSS5.4AI score0.00253EPSS
Exploits0References4
OSV
OSV
added 2026/02/05 3:20 a.m.6 views

GO-2026-4397 OpenList has Insecure TLS Default Configuration in github.com/OpenListTeam/OpenList

OpenList has Insecure TLS Default Configuration in github.com/OpenListTeam/OpenList...

8.1CVSS5.3AI score0.00239EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/02/03 6:16 p.m.27 views

CVE-2025-52631 HCL AION is affected by a Missing or Insecure HTTP Strict-Transport-Security (HSTS) Header vulnerability.

HCL AION is affected by a Missing or Insecure HTTP Strict-Transport-Security HSTS Header vulnerability. This can allow insecure connections, potentially exposing the application to man-in-the-middle and protocol downgrade attacks.. This issue affects AION: 2.0...

3.7CVSS0.00199EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.5 views

TencentOS Server 4: perl-HTTP-Tiny (TSSA-2024:0938)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0938 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

8.1CVSS7.1AI score0.01742EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-54864

Malicious code in bioql PyPI...

6.4CVSS6.5AI score0.00116EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/23 12:0 a.m.4 views

PT-2025-39149

Name of the Vulnerable Software and Affected Versions CleverControl versions prior to 11.5.1041.6 Description The software does not validate TLS server certificates during installation. The installer uses curl.exe --insecure to download and execute external components, allowing a man-in-the-middl...

6.5CVSS7.7AI score0.00351EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2025/08/12 12:0 a.m.5 views

PT-2025-32644 · Smartclient · Smartclient Opcenter Ql Home +2

Name of the Vulnerable Software and Affected Versions: SmartClient Opcenter QL Home SC versions 13.2 through 2505 SmartClient SOA Audit versions 13.2 through 2505 SmartClient SOA Cockpit versions 13.2 through 2505 Description: The affected application supports insecure TLS 1.0 and 1.1 protocols...

6.4CVSS6.2AI score0.00116EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/08/12 12:0 a.m.5 views

Siemens多款产品 加密问题漏洞

Siemens SmartClient modules Opcenter QL Home is a client module from Siemens Germany. A vulnerability exists in various Siemens products due to an encryption issue that stems from support for the insecure TLS protocol, which could lead to a man-in-the-middle attack. The following products and...

6.8CVSS6.4AI score0.00116EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:17 a.m.5 views

CVE-2023-23131

Selfwealth iOS mobile App 3.3.1 is vulnerable to Insecure App Transport Security ATS Settings...

7.5CVSS6.8AI score0.00593EPSS
Exploits0References1
OSV
OSV
added 2023/02/01 2:15 p.m.2 views

CVE-2023-23131

Selfwealth iOS mobile App 3.3.1 is vulnerable to Insecure App Transport Security ATS Settings...

7.5CVSS7.1AI score0.00593EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/02/01 12:0 a.m.4 views

PT-2023-18851 · Selfwealth · Selfwealth Ios Mobile App

Name of the Vulnerable Software and Affected Versions: Selfwealth iOS mobile App version 3.3.1 Description: The issue concerns Insecure App Transport Security ATS Settings in the Selfwealth iOS mobile App. This means the app may not properly secure its communication, potentially allowing for...

7.5CVSS7.2AI score0.00593EPSS
Exploits0References4
NVD
NVD
added 2021/12/21 5:15 p.m.16 views

CVE-2021-36337

Dell Wyse Management Suite version 3.3.1 and prior support insecure Transport Security Protocols TLS 1.0 and TLS 1.1 which are susceptible to Man-In-The-Middle attacks thereby compromising Confidentiality and Integrity of data...

7.4CVSS0.00386EPSS
Exploits0References1
Rows per page
Query Builder