Lucene search
K

118 matches found

OSV
OSV
added 2016/08/09 9:59 p.m.4 views

CVE-2016-3312

ActiveSyncProvider in Microsoft Windows 10 Gold and 1511 allows attackers to discover credentials by leveraging failure of Universal Outlook to obtain a secure connection, aka "Universal Outlook Information Disclosure Vulnerability."...

9.1CVSS5.8AI score0.09654EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2016/03/18 12:0 a.m.58 views

Grandstream Wave 1.0.1.26 Update Redirection

CVE-2016-1520: GrandStream Android VoIP App Update Redirection ============================================================== Affected app: Grandstream WaveGSWAVE version 1.0.1.26 and probably earlier Classification: CWE-300 Channel Accessible by Non-EndpointCWE300 CWE-319 Cleartext Transmission ...

3.8CVSS7.8AI score0.02161EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2016/03/17 12:0 a.m.97 views

Apple Software Update Insecure Transport

The version of Apple Software Update installed on the remote Windows host does not use the HTTPS protocol when transferring the updates window contents. A man-in-the-middle attacker can exploit this vulnerability, by modifying the data stream between the client and server, to control the contents...

5.9CVSS6AI score0.00925EPSS
Exploits0References2
Prion
Prion
added 2014/10/19 1:55 a.m.24 views

Design/Logic Flaw

IBM Security QRadar SIEM QRM 7.1 MR1 and QRM/QVM 7.2 MR2 does not properly implement secure connections, which allows man-in-the-middle attackers to discover cleartext credentials via unspecified vectors...

4.3CVSS6.8AI score0.00856EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2014/10/19 1:0 a.m.30 views

CVE-2014-4825

IBM Security QRadar SIEM QRM 7.1 MR1 and QRM/QVM 7.2 MR2 does not properly implement secure connections, which allows man-in-the-middle attackers to discover cleartext credentials via unspecified vectors...

6.3AI score0.00856EPSS
Exploits0References2
securityvulns
securityvulns
added 2013/03/24 12:0 a.m.27 views

LibreOffice update spoofing

Updates are checked via insecure connection, digital signature is not validated...

3.4AI score
Exploits0References1Affected Software1
NVD
NVD
added 2011/11/29 5:55 p.m.26 views

CVE-2011-4405

The cupshelpers scripts in system-config-printer in Ubuntu 11.04 and 11.10, as used by the automatic printer driver download service, uses an "insecure connection" for queries to the OpenPrinting database, which allows remote attackers to execute arbitrary code via a man-in-the-middle MITM attack...

7.5CVSS7.4AI score0.03493EPSS
Exploits0References5
CVE
CVE
added 2011/11/29 5:0 p.m.79 views

CVE-2011-4405

CVE-2011-4405 concerns the cupshelpers scripts in system-config-printer used by Ubuntu 11.04/11.10, which query the OpenPrinting database over an insecure, unauthenticated connection. This MITM weakness can allow remote tampering with driver packages/repositories and arbitrary code execution. Con...

7.5CVSS7.5AI score0.03493EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2011/11/29 5:0 p.m.35 views

CVE-2011-4405

The cupshelpers scripts in system-config-printer in Ubuntu 11.04 and 11.10, as used by the automatic printer driver download service, uses an "insecure connection" for queries to the OpenPrinting database, which allows remote attackers to execute arbitrary code via a man-in-the-middle MITM attack...

7.3AI score0.03493EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2011/11/29 5:0 p.m.48 views

CVE-2011-4405

The cupshelpers scripts in system-config-printer in Ubuntu 11.04 and 11.10, as used by the automatic printer driver download service, uses an "insecure connection" for queries to the OpenPrinting database, which allows remote attackers to execute arbitrary code via a man-in-the-middle MITM attack...

7.5CVSS7.5AI score0.03493EPSS
Exploits0
OpenVAS
OpenVAS
added 2011/11/18 12:0 a.m.27 views

Ubuntu Update for system-config-printer USN-1265-1

Ubuntu Update for Linux kernel vulnerabilities USN-1265-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN12651.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for system-config-printer USN-1265-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH,...

7.5CVSS6.5AI score0.03493EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2011/11/18 12:0 a.m.28 views

Ubuntu: Security Advisory (USN-1265-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.5AI score0.03493EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2011/11/18 12:0 a.m.33 views

Ubuntu 11.04 / 11.10 : system-config-printer vulnerability (USN-1265-1)

Marc Deslauriers discovered that system-config-printer's cupshelpers scripts used by the Ubuntu automatic printer driver download service queried the OpenPrinting database using an insecure connection. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be...

7.5CVSS5.4AI score0.03493EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2011/11/17 3:5 p.m.53 views

USN-1265-1: system-config-printer vulnerability

Marc Deslauriers discovered that system-config-printer's cupshelpers scripts used by the Ubuntu automatic printer driver download service queried the OpenPrinting database using an insecure connection. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could be...

7.5CVSS5.3AI score0.03493EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2011/11/17 12:0 a.m.29 views

CVE-2011-4405

The cupshelpers scripts in system-config-printer in Ubuntu 11.04 and 11.10, as used by the automatic printer driver download service, uses an "insecure connection" for queries to the OpenPrinting database, which allows remote attackers to execute arbitrary code via a man-in-the-middle MITM attack...

7.5CVSS6.2AI score0.03493EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2011/08/09 12:0 a.m.28 views

CentOS Update for squirrelmail CESA-2009:0010 centos3 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

5CVSS5.2AI score0.02159EPSS
Exploits3References2
securityvulns
securityvulns
added 2005/03/02 12:0 a.m.26 views

Symantec hardware firewall devices SMTP messages leak

Under certain conditions SMTP messages may be sent with insecure external connection instead of internal one...

0.8AI score
Exploits0References1Affected Software3
Tenable Nessus
Tenable Nessus
added 2002/08/21 12:0 a.m.29 views

Avirt Gateway Suite Telnet Proxy Arbitrary Command Execution

It was possible to connect to the remote telnet server without a password and to get a command prompt with the 'DOS' command. And attacker may use this flaw to get access to your system. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid11096; scriptversion "1.21";...

7.5CVSS5.5AI score0.0351EPSS
Exploits0References2
Rows per page
Query Builder