41 matches found
CVE-2026-10584
Proxy server in Graph Explorer before 3.0.1 falls back to HTTP when certificate files are missing, which might allow remote threat actors to obtain sensitive information via interception of requests intended to be sent over HTTPS. To remediate this issue, users should upgrade to Graph Explorer...
Claude Code Security Vulnerability
Claude Code is an open-source terminal-native AI programming tool developed by Anthropic. Versions of Claude Code from 1.2581.0 to 1.4304.0 contained a security vulnerability. This vulnerability stemmed from the SSH remote development feature, which only verified whether the host name exists in t...
CVE-2026-42514
This vulnerability exists in e-Sushrut due to exposure of OTPs in plaintext within API responses. A remote attacker could exploit this vulnerability by intercepting API responses containing valid OTPs. Successful exploitation of this vulnerability could allow an attacker to impersonate the target...
CVE-2026-42513
This vulnerability exists in e-Sushrut due to improper authentication logic that relies on client-side response parameters to determine authentication status. A remote attacker could exploit this vulnerability by intercepting and modifying the server response. Successful exploitation of this...
Belden Multiple Products Security Vulnerability
Belden Hirschmann HiLCOS OpenBAT, among others, are products of the American company Belden. Belden Hirschmann HiLCOS OpenBAT is an industrial-grade wireless local area network device. Belden Hirschmann HiLCOS BAT450 is an industrial-grade wireless local area network access point device. Belden...
EUVD-2016-10715
Malware in sbrugna...
ASB-A-389127608
In generateRandomPassword of LocalBluetoothLeBroadcast.java, there is a possible way to intercept the Auracast audio stream due to an insecure default value. This could lead to remote proximal/adjacent information disclosure with no additional execution privileges needed. User interaction is not...
The vulnerability of the Baseband component in iPadOS and iOS operating systems allows attackers to intercept network traffic.
The vulnerability of the Baseband component in iPadOS and iOS systems relates to the transmission of confidential information in plaintext. Exploiting this vulnerability could allow a malicious actor to intercept network traffic remotely...
PT-2025-15433 · Ivanti · Ivanti Endpoint Manager
Name of the Vulnerable Software and Affected Versions: Ivanti Endpoint Manager versions prior to 2024 SU1; Ivanti Endpoint Manager versions prior to 2022 SU7. Description: The issue concerns improper certificate validation, allowing a remote unauthenticated attacker to intercept limited traffic...
The vulnerability of the network authentication protocol used by the Firebird software components, “Population Cancer Registry” and “Hospital Cancer Registry,” allows attackers to intercept traffic.
The vulnerability of the network authentication protocol used by the Firebird software’s “Population Cancer Registry” and “Hospital Cancer Registry” components is related to the use of an insecure authentication method called LegacyAuth. Exploiting this vulnerability allows a malicious actor to...
CVE-2024-55928
Xerox Workplace Suite exposes sensitive secrets in clear text, both locally and remotely. This vulnerability allows attackers to intercept or access secrets without encryption...
The vulnerability of the Brocade Fabric OS operating system, related to deficiencies in authentication procedures, allows a perpetrator to intercept service sessions.
The vulnerability of the Brocade Fabric OS operating system is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to intercept service sessions remotely...
ROS-20240904-11
A vulnerability in the implementation of the PEAP (Protected Extensible Authentication Protocol) protocol of the Wi-Fi WPA Supplicant client is caused by flaws in the authorization procedure. Exploitation of the vulnerability...
The vulnerability of the Hitachi Ops Center Analyzer data analysis software lies in the absence of a “Secure” flag in the HTTPS session cookies. This allows attackers to gain unauthorized access to protected information.
The vulnerability of the Hitachi Ops Center Analyzer data analysis and processing software lies in the absence of the “Secure” flag in the HTTPS session cookies. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected...
The vulnerability of the cloud-based messaging and streaming transmission platform Apache Pulsar, related to authentication flaws, allows attackers to intercept and modify data in Pulsar streams.
The vulnerability of the cloud-based messaging and streaming transmission platform Apache Pulsar is related to deficiencies in the authentication mechanism. Exploiting this vulnerability allows a malicious actor to intercept and modify data in Pulsar streams remotely...
Design/Logic Flaw
A Weak Cryptography for Passwords vulnerability has been detected on WIC200 affecting version 1.1. This vulnerability allows a remote user to intercept the traffic, retrieve the credentials of another user, and decode them from Base64, allowing the attacker to see the credentials in plain text...
CVE-2024-0556
CVE-2024-0556 describes a weakness in the WIC200 system (version 1.1) where weak cryptography for passwords can allow a remote attacker to intercept traffic and retrieve credentials from another user. The attack enables decoding credentials in Base64, exposing plaintext credentials. The vulnerabi...
CVE-2023-42532
Improper Certificate Validation in FotaAgent prior to SMR Nov-2023 Release1 allows a remote attacker to intercept the network traffic, including firmware information...
PT-2023-28398 · Fotaagent · Fotaagent
Name of the Vulnerable Software and Affected Versions: FotaAgent versions prior to SMR Nov-2023 Release1. Description: The issue is related to improper certificate validation, which allows a remote attacker to intercept network traffic, including firmware information. Recommendations: For versions...
CVE-2023-30729
Improper Certificate Validation in Samsung Email prior to version 6.1.82.0 allows a remote attacker to intercept the network traffic, including sensitive information...