CVE-2021-23846

When using http protocol, the user password is transmitted as a clear text parameter for which it is possible to be obtained by an attacker through a MITM attack. This will be fixed starting from Firmware version 3.11.5, which will be released on the 30th of June, 2021...

Design/Logic Flaw

When using http protocol, the user password is transmitted as a clear text parameter for which it is possible to be obtained by an attacker through a MITM attack. This will be fixed starting from Firmware version 3.11.5, which will be released on the 30th of June, 2021...

CVE-2021-23846

The CVE-2021-23846 issue affects Bosch B426/Conettix devices. When using HTTP, the user password is transmitted as a plaintext parameter, enabling network-adjacent attackers to obtain credentials via MITM. Root cause: credentials exposed in cleartext in login handling (e.g., login.cgi). Impact al...

Updated vlc packages fix security vulnerabilities

A remote user could create a specifically crafted file that could trigger some various issues. It is possible to trigger a remote code execution through a specifically crafted playlist, and tricking the user into interacting with that playlist elements. It is also possible to trigger read or writ...

CVE-2021-22212

ntpkeygen can generate keys that ntpd fails to parse. NTPsec 1.2.0 allows ntpkeygen to generate keys with '' characters. ntpd then either pads, shortens the key, or fails to load these keys entirely, depending on the key type and the placement of the ''. This results in the administrator not bein...

CVE-2021-22212

ntpkeygen can generate keys that ntpd fails to parse. NTPsec 1.2.0 allows ntpkeygen to generate keys with '' characters. ntpd then either pads, shortens the key, or fails to load these keys entirely, depending on the key type and the placement of the ''. This results in the administrator not bein...

CVE-2021-33879

Tencent GameLoop before 4.1.21.90 downloaded updates over an insecure HTTP connection. A malicious attacker in an MITM position could spoof the contents of an XML document describing an update package, replacing a download URL with one pointing to an arbitrary Windows executable. Because the only...

CVE-2021-3565

A flaw was found in tpm2-tools in versions before 5.1.1 and before 4.3.2. tpm2import used a fixed AES key for the inner wrapper, potentially allowing a MITM attacker to unwrap the inner portion and reveal the key being imported. The highest threat from this vulnerability is to data confidentialit...

CVE-2021-3565

A flaw was found in tpm2-tools in versions before 5.1.1 and before 4.3.2. tpm2import used a fixed AES key for the inner wrapper, potentially allowing a MITM attacker to unwrap the inner portion and reveal the key being imported. The highest threat from this vulnerability is to data confidentialit...

ATOM-Smart life App 信任管理问题漏洞

ATOM tech ATOM-Smart life App is a smart life application from ATOM tech, Japan. ATOM-Smart life App 1.8.0 suffers from a trust management issue vulnerability that originates from improper server certificate validation. A remote attacker can exploit this vulnerability to conduct a MitM attack on...

Weave Net clusters susceptible to MitM attacks via IPv6 rogue router advertisements

Impact An attacker able to run a process as root in a container is able to respond to DNS requests from the host and thereby insert themselves as a fake service. In a cluster with an IPv4 internal network, if IPv6 is not totally disabled on the host via ipv6.disable=1 on the kernel cmdline, it wi...

CVE-2021-3565

A flaw was found in tpm2-tools. tpm2import used a fixed AES key for the inner wrapper, potentially allowing a MITM attacker to unwrap the inner portion and reveal the key being imported. The highest threat from this vulnerability is to data confidentiality...

GHSA-C52F-PQ47-2R9J plugin.yaml file allows for duplicate entries in helm

Impact During a security audit of Helm's code base, Helm maintainers identified a bug in which a Helm plugin can contain duplicates of the same entry, with the last one always used. If a plugin is compromised, this lowers the level of access that an attacker needs to modify a plugin's install...

plugin.yaml file allows for duplicate entries in helm

Impact During a security audit of Helm's code base, Helm maintainers identified a bug in which a Helm plugin can contain duplicates of the same entry, with the last one always used. If a plugin is compromised, this lowers the level of access that an attacker needs to modify a plugin's install...

GHSA-JM56-5H66-W453 Repository index file allows for duplicates of the same chart entry in helm

Impact During a security audit of Helm's code base, security researchers at Trail of Bits identified a bug in which the a Helm repository can contain duplicates of the same chart, with the last one always used. If a repository is compromised, this lowers the level of access that an attacker needs...

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

In Helm before versions 2.16.11 and 3.3.2, a Helm plugin can contain duplicates of the same entry, with the last one always used. If a plugin is compromised, this lowers the level of access that an attacker needs to modify a plugin's install hooks, causing a local execution attack. To perform thi...

Open-Xchange: Command Injection via STARTTLS in SMTP

During our research into the security of email servers at Münster University of Applied Sciences, we found a command injection vulnerability related to STARTTLS in Dovecot. See the attached advisory for details. The vulnerability allows a MITM attacker between a mail client and Dovecot to inject...

CVE-2020-24587

The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired Equivalent Privacy WEP doesn’t require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and...

EulerOS 2.0 SP3 : curl (EulerOS-SA-2021-1774)

According to the version of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The GnuTLS backend in libcurl 7.21.4 through 7.33.0, when disabling digital signature verification CURLOPTSSLVERIFYPEER, also disables the...

Man-in-the-middle (MitM)

apache-maven is vulnerable to Man-in-the-middle MitM. The vulnerability exists because it allows downloading code from external repositories via HTTP by default, resulting in a potential risk if a malicious actor takes over that repository or is able to insert themselves into a position to preten...