Fedora 43 : transmission (2026-893c99f61c)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-893c99f61c advisory. 4.1.2, fix for CVE-2026-38978 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not test...

EUVD-2026-29922

A vulnerability exists where a connection requiring TLS incorrectly reuses an existing unencrypted connection from the same connection pool. If an initial transfer is made in clear-text via IMAP, SMTP, or POP3, a subsequent request to that same host bypasses the TLS requirement and instead transm...

EUVD-2026-12657

IBM Db2 Recovery Expert for Linux, UNIX and Windows 5.5 IF 2 could allow an attacker to modify or corrupt data due to an insecure mechanism used for verifying the integrity of the data during transmission...

EUVD-2026-1854

J2EE Misconfiguration: Data Transmission Without Encryption vulnerability in Apache NimBLE. Improper handling of Pause Encryption procedure on Link Layer results in a previously encrypted connection being left in un-encrypted state allowing an eavesdropper to observe the remainder of the exchange...

EUVD-2014-4828

Malware in sbrugna...

EUVD-2021-27202

Malware in sbrugna...

EUVD-2009-1752

Malware in sbrugna...

EUVD-2007-6114

Malware in sbrugna...

EUVD-2024-48334

Malicious code in bioql PyPI...

CVE-2025-5270 SNI was sometimes unencrypted

In certain cases, SNI could have been sent unencrypted even when encrypted DNS was enabled. This vulnerability was fixed in Firefox 139 and Thunderbird 139...

CVE-2020-9337

In GolfBuddy Course Manager 1.1, passwords are sent with base64 encoding via a GET request...

CVE-2025-3480 MedDream WEB DICOM Viewer Cleartext Transmission of Credentials Information Disclosure Vulnerability

MedDream WEB DICOM Viewer Cleartext Transmission of Credentials Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of MedDream WEB DICOM Viewer. Authentication is not required to exploit this...

CVE-2009-1757

Cross-site request forgery CSRF vulnerability in Transmission 1.5 before 1.53 and 1.6 before 1.61 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...

CVE-2025-1060

CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists that could result in the exposure of data when network traffic is being sniffed by an attacker...

CVE-2024-41687

The connected sources confirm a vulnerability in the SyroTech SY-GPON-1110-WDONT Router where passwords are transmitted in plain text, enabling a remote attacker to gain unauthorized access by eavesdropping on HTTP sessions. The issue stems from cleartext transmission of sensitive information ove...

PT-2023-3317 · Schneider Electric · Powerlogic Ion7400 +4

Name of the Vulnerable Software and Affected Versions: Schneider Electric PowerLogic ION9000 versions affected versions not specified Schneider Electric PowerLogic ION7400 versions affected versions not specified Schneider Electric PowerLogic PM8000 versions affected versions not specified...

SUSE CVE-2014-4909

Integer overflow in the trbitfieldEnsureNthBitAlloced function in bitfield.c in Transmission before 2.84 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted peer message, which triggers an out-of-bounds write...

CVE-2018-19944

A cleartext transmission of sensitive information vulnerability has been reported to affect certain QTS devices. If exploited, this vulnerability allows a remote attacker to gain access to sensitive information. QNAP have already fixed this vulnerability in the following versions: QTS 4.4.3.1354...

CVE-2019-12408

It was discovered that the C++ implementation which underlies the R, Python and Ruby implementations of Apache Arrow 0.14.0 to 0.14.1 had a uninitialized memory bug when building arrays with null values in some cases. This can lead to uninitialized memory being unintentionally shared if Arrow...

DEBIAN-CVE-2010-0748

Transmission before 1.92 allows an attacker to cause a denial of service crash or possibly have other unspecified impact via a large number of tr arguments in a magnet link...