The vulnerability of the Segnetics SMConfig system configuration tool lies in the lack of protection for transmitted data, which allows attackers to disclose the protected information.

The vulnerability of the Segnetics SMConfig system configuration tool is related to the lack of protection for transmitted data. Exploiting this vulnerability allows a malicious actor to disclose sensitive information by reading the HTTP cookie header...

Netwrix Directory Manager 安全漏洞

Netwrix Directory Manager is a group and user management software from Netwrix. A security vulnerability exists in Netwrix Directory Manager v.11.0.0.0 and earlier and later v.11.1.25134.03, which originates from the insertion of sensitive information in sent data...

The vulnerability of the Drupal CMS system’s Image Sizes module, related to the insertion of confidential information into the transmitted data, allows attackers to circumvent security restrictions and execute a Forceful Browsing attack.

The vulnerability of the Image Sizes module in Drupal systems is related to the insertion of confidential information into the transmitted data. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and execute a Forceful Browsing attack...

CVE-2024-41026

In the Linux kernel, the following vulnerability has been resolved: mmc: davincimmc: Prevent transmitted data size from exceeding sgm's length No check is done on the size of the data to be transmiited. This causes a kernel panic when this size exceeds the sgmiter's length. Limit the number of...

CVE-2024-41026 mmc: davinci_mmc: Prevent transmitted data size from exceeding sgm's length

In the Linux kernel, the following vulnerability has been resolved: mmc: davincimmc: Prevent transmitted data size from exceeding sgm's length No check is done on the size of the data to be transmiited. This causes a kernel panic when this size exceeds the sgmiter's length. Limit the number of...

CVE-2024-41026 mmc: davinci_mmc: Prevent transmitted data size from exceeding sgm's length

In the Linux kernel, the following vulnerability has been resolved: mmc: davincimmc: Prevent transmitted data size from exceeding sgm's length No check is done on the size of the data to be transmiited. This causes a kernel panic when this size exceeds the sgmiter's length. Limit the number of...

CVE-2024-38284

Transmitted data is logged between the device and the backend service. An attacker could use these logs to perform a replay attack to replicate calls...

CVE-2024-38284

CVE-2024-38284 affects Motorola Solutions Vigilant Fixed LPR Coms Box (BCAV1F2-C600), with versions up to 3.1.171.9. The root cause is that transmitted data is logged between the device and the backend, enabling an attacker to perform a replay attack to replicate calls. In the ICS context, mitiga...

The vulnerability of the Clario VPN service lies in the lack of protection for transmitted data, allowing a hacker to send arbitrary IP traffic as plain text beyond the VPN tunnel.

The vulnerability of the Clario VPN client relates to the lack of protection for transmitted data. Exploiting this vulnerability allows a hacker to send arbitrary IP traffic as plain text beyond the VPN tunnel...

The vulnerability of the IBM Aspera Faspex file-sharing application lies in the lack of protection for the transmitted data, allowing a perpetrator to access confidential information.

The vulnerability of the IBM Aspera Faspex file-sharing application lies in the lack of protection for the transmitted data. Exploiting this vulnerability could allow a malicious actor to gain access to confidential information...

The vulnerability of the Valmet System 2019 software suite (Metso DNA) lies in the lack of protection for transmitted data, which allows a hacker to enhance their privileges within the system.

The vulnerability of the Valmet System 2019 software suite Metso DNA lies in the lack of protection for transmitted data. Exploiting this vulnerability can allow a malicious actor to enhance their privileges within the system...

The vulnerability of the microprogrammed software for power meters and energy counters from PowerLogic models ION7400, ION7650, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000, PM800 lies in the lack of protection for transmitted data. This allows unauthorized individuals to gain unauthorized access to the protected information.

The vulnerability of the microprogrammed software for PowerLogic power meters and energy counters, such as ION7400, ION7650, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000, and PM800, stems from the lack of protection for transmitted data. Exploiting this vulnerability can allow an unauthorize...

The vulnerability of microprogrammed software in Logic Controllers Modicon M218, Modicon M251, Modicon M241, and Modicon M258 lies in the lack of protection for transmitted data. This allows attackers to gain unauthorized access to the protected information.

The vulnerability of microprogrammed software in Logic Controllers Modicon M218, Modicon M251, Modicon M241, and Modicon M258 lies in the lack of protection for transmitted data. Exploiting this vulnerability can allow an intruder operating remotely to gain unauthorized access to protected...

The vulnerability of the Performance API component in the Google Chrome web browser allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Performance API component in the Google Chrome web browser is related to the lack of protection for the transmitted data. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

The vulnerability of the GENEVE protocol implementation in the Linux operating system allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the GENEVE protocol’s implementation in Linux kernel systems is related to the lack of protection for transmitted data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

CVE-2020-10039

A vulnerability has been identified in SICAM MMU All versions V2.05, SICAM SGU All versions, SICAM T All versions V2.18. An attacker in a privileged network position between a legitimate user and the web server might be able to conduct a Man-in-the-middle attack and gain read and write access to...

Huawei Myna Information Disclosure Vulnerability

Huawei Myna is a smart speaker from Chinese company Huawei Huawei. An information disclosure vulnerability exists in Huawei Myna, which stems from the speaker's mishandling of transmitted data when the smart speaker and the cloud are paired over Wi-Fi. An attacker could use the vulnerability to...

CVE-2014-8242

librsync before 1.0.0 uses a truncated MD4 checksum to match blocks, which makes it easier for remote attackers to modify transmitted data via a birthday attack...

CVE-2015-1601

Siemens SIMATIC STEP 7 TIA Portal 12 and 13 before 13 SP1 Upd1 allows man-in-the-middle attackers to obtain sensitive information or modify transmitted data via unspecified vectors...

Information disclosure

Siemens SIMATIC STEP 7 TIA Portal 12 and 13 before 13 SP1 Upd1 allows man-in-the-middle attackers to obtain sensitive information or modify transmitted data via unspecified vectors...