CVE-2025-62311

HCL AION is affected by a vulnerability where backend service details may be transmitted over insecure HTTP channels. This may expose sensitive information to potential interception or unauthorized access during transmission under certain conditions...

CVE-2025-62311

CVE-2025-62311 affects HCL AION. The issue involves backend service details potentially being transmitted over insecure HTTP channels, which may lead to exposure or unauthorized access during transmission under certain conditions. According to the included metrics, the CVSS3.1 base score is 4.3 (...

CVE-2025-62311 HCL AION is affected by a vulnerability where backend service details may be transmitted over insecure HTTP channels.

HCL AION is affected by a vulnerability where backend service details may be transmitted over insecure HTTP channels. This may expose sensitive information to potential interception or unauthorized access during transmission under certain conditions...

PT-2026-40954

HCL AION is affected by a vulnerability where backend service details may be transmitted over insecure HTTP channels. This may expose sensitive information to potential interception or unauthorized access during transmission under certain conditions...

CVE-2026-25118 immich-server: Insecure Transmission of Authentication Credentials via Password Parameter in HTTP Request Query String When Accessing Shared Albums

immich is a high performance self-hosted photo and video management solution. Prior to version 2.6.0, the Immich application is vulnerable to credential disclosure when a user authenticates to a shared album. During the authentication process, the application transmits the album password within t...

CVE-2026-22082

This vulnerability exists in Tenda wireless routers 300Mbps Wireless Router F3 and N300 Easy Setup Router due to the use of login credentials as the session ID through its web-based administrative interface. A remote attacker could exploit this vulnerability by intercepting network traffic and...

CVE-2026-22082

CVE-2026-22082 affects Tenda 300Mbps Wireless Router F3 and N300 Easy Setup Router. The root cause is using login credentials as the session ID in the web-based admin interface, allowing a remote attacker to hijack an authenticated session by intercepting unsecured traffic. Impact cited: exposure...

CVE-2026-22080 Insecure Transmission Vulnerability in Tenda Wireless Routers

This vulnerability exists in Tenda wireless routers 300Mbps Wireless Router F3 and N300 Easy Setup Router due to the transmission of credentials encoded using reversible Base64 encoding through the web-based administrative interface. An attacker on the same network could exploit this vulnerabilit...

PT-2026-1451

iDS6 DSSPro Digital Signage System 6.2 contains a sensitive information disclosure vulnerability that allows remote attackers to intercept authentication credentials through cleartext cookie transmission. Attackers can exploit the autoSave feature to capture user passwords during man-in-the-middl...

EUVD-2019-16199

Malware in sbrugna...

EUVD-2021-16227

Malware in sbrugna...

EUVD-2019-16172

Malware in sbrugna...

EUVD-2024-18110

Malicious code in bioql PyPI...

EUVD-2025-24144

Malicious code in bioql PyPI...

EUVD-2024-19906

Malicious code in bioql PyPI...

Security Bulletin: IBM Cognos Analytics Mobile (iOS) is affected by multiple vulnerabilities

Summary There are vulnerabilities in Babel/helpers and Babel/runtime consumed by IBM Cognos Analytics Mobile iOS. Additionally, IBM Cognos Analytics Mobile iOS is vulnerable to Information Disclosure, Authentication Bypass and Insecure Transmission vulnerabilities. This Security Bulletin relates...

CVE-2025-26199

CloudClassroom-PHP-Project v1.0 is affected by an insecure credential transmission vulnerability. The application transmits passwords over unencrypted HTTP during the login process, exposing sensitive credentials to potential interception by network-based attackers. A remote attacker with access ...

CVE-2024-20395

A vulnerability in the media retrieval functionality of Cisco Webex App could allow an unauthenticated, adjacent attacker to gain access to sensitive session information. This vulnerability is due to insecure transmission of requests to backend services when the app accesses embedded media, such ...

CVE-2019-6640

On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.1-11.5.8, SNMP exposes sensitive configuration objects over insecure transmission channels. This issue is exposed when a passphrase is inserted into various profile types and accessed using SNMPv...

CVE-2019-6613

On BIG-IP 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, SNMP may expose sensitive configuration objects over insecure transmission channels. This issue is exposed when a passphrase is used with various profile types and is accessed using SNMPv2...