Lucene search
+L

255 matches found

NVD
NVD
added 2020/04/30 9:15 p.m.40 views

CVE-2020-5876

On BIG-IP 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, a race condition exists where mcpd and other processes may make unencrypted connection attempts to a new configuration sync peer. The race condition can occur when changing the ConfigSync IP address...

8.1CVSS8AI score0.00571EPSS
Exploits0References1
Prion
Prion
added 2020/04/30 9:15 p.m.21 views

Race condition

On BIG-IP 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, a race condition exists where mcpd and other processes may make unencrypted connection attempts to a new configuration sync peer. The race condition can occur when changing the ConfigSync IP address...

6.8CVSS7.9AI score0.00571EPSS
Exploits0References1Affected Software11
Cvelist
Cvelist
added 2020/04/30 8:30 p.m.38 views

CVE-2020-5876

On BIG-IP 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, a race condition exists where mcpd and other processes may make unencrypted connection attempts to a new configuration sync peer. The race condition can occur when changing the ConfigSync IP address...

8AI score0.00571EPSS
Exploits0References1
CVE
CVE
added 2020/04/30 8:30 p.m.86 views

CVE-2020-5876

The CVE-2020-5876 issue affects BIG-IP mcpd and related components due to a race condition that can cause unencrypted config sync attempts when changing peer ConfigSync IPs, adding peers, or TMM startup. Vulnerable versions include BIG-IP 15.0.0–15.0.1, 14.0.0–14.1.2, 13.1.0–13.1.3, 12.1.0–12.1.5...

8.1CVSS7.9AI score0.00571EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/04/30 12:0 a.m.30 views

F5 Networks BIG-IP : BIG-IP mcpd vulnerability (K32121038)

A race condition exists where mcpd and other processes may make unencrypted connection attempts to a new configuration sync peer. The race condition can occur when changing the ConfigSync IP address of a peer, adding a new peer, or when the Traffic Management Microkernel TMM first starts up...

8.1CVSS7.6AI score0.00571EPSS
Exploits0References2
NVD
NVD
added 2020/04/02 8:15 p.m.25 views

CVE-2019-19090

For ABB eSOMS versions 4.0 to 6.0.2, the Secure Flag is not set in the HTTP response header. Unencrypted connections might access the cookie information, thus making it susceptible to eavesdropping...

3.5CVSS4.2AI score0.00517EPSS
Exploits0References1
NVD
NVD
added 2020/03/10 9:15 p.m.18 views

CVE-2020-6198

SAP Solution Manager Diagnostics Agent, version 720, allows unencrypted connections from unauthenticated sources. This allows an attacker to control all remote functions on the Agent due to Missing Authentication Check...

9.8CVSS9.6AI score0.01383EPSS
Exploits0References2
Prion
Prion
added 2020/03/10 9:15 p.m.19 views

Authentication flaw

SAP Solution Manager Diagnostics Agent, version 720, allows unencrypted connections from unauthenticated sources. This allows an attacker to control all remote functions on the Agent due to Missing Authentication Check...

7.5CVSS9.4AI score0.01383EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/03/10 8:18 p.m.22 views

CVE-2020-6198

SAP Solution Manager Diagnostics Agent, version 720, allows unencrypted connections from unauthenticated sources. This allows an attacker to control all remote functions on the Agent due to Missing Authentication Check...

9.8CVSS9.6AI score0.01383EPSS
Exploits0References2
CNVD
CNVD
added 2019/11/08 12:0 a.m.2 views

Unspecified Vulnerability in Amazon Ring Video Doorbell

Amazon Ring Video Doorbell is a smart wireless home security doorbell camera that allows users to use to remotely control their doorbell. The Amazon Ring Video Doorbell suffers from a security vulnerability that stems from information shared between the application and the doorbell, including Wi-...

6.8AI score
Exploits0References1
Prion
Prion
added 2019/08/14 2:15 p.m.25 views

Code injection

SAP BusinessObjects Business Intelligence Platform Web Intelligence, versions 4.1, 4.2, can access database with unencrypted connection, even if the quality of protection should be encrypted...

4CVSS6.5AI score0.00688EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/08/14 1:55 p.m.23 views

CVE-2019-0348

SAP BusinessObjects Business Intelligence Platform Web Intelligence, versions 4.1, 4.2, can access database with unencrypted connection, even if the quality of protection should be encrypted...

6.5AI score0.00688EPSS
Exploits0References2
CVE
CVE
added 2019/08/14 1:55 p.m.58 views

CVE-2019-0348

CVE-2019-0348 affects SAP BusinessObjects Business Intelligence Platform (Web Intelligence) for versions 4.1 and 4.2. The vulnerability involves accessing the database through an unencrypted connection, despite protection expectations that data be encrypted. The connected Red Hat, CNVD, CVE lists...

6.5CVSS6.5AI score0.00688EPSS
Exploits0References2Affected Software1
Hacker One
Hacker One
added 2019/07/12 11:31 a.m.66 views

Node.js third-party modules: Yarn transfers npm credentials over unencrypted http connection

Module module name: yarn version: 1.16.0 npm page: https://www.npmjs.com/package/yarn Module Description Fast, reliable, and secure dependency management. Module Stats Replace stats below with numbers from npm’s module page: 166 703 downloads in the last day 849 928 downloads in the last week 3 7...

4.3CVSS1.1AI score0.00668EPSS
Exploits1
NVD
NVD
added 2019/07/03 8:15 p.m.22 views

CVE-2019-12845

The generated Kotlin DSL settings allowed usage of an unencrypted connection for resolving artifacts. The issue was fixed in JetBrains TeamCity 2018.2.3...

5.3CVSS6.1AI score0.00924EPSS
Exploits0References1
Prion
Prion
added 2019/07/03 8:15 p.m.17 views

Code injection

The generated Kotlin DSL settings allowed usage of an unencrypted connection for resolving artifacts. The issue was fixed in JetBrains TeamCity 2018.2.3...

5CVSS5.3AI score0.00924EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/07/03 7:42 p.m.263 views

CVE-2019-12845

CVE-2019-12845 affects JetBrains TeamCity. The generated Kotlin DSL settings allowed artifacts to be resolved over an unencrypted connection, exposing potential MITM risks. Root cause: unencrypted artifact resolution in Kotlin DSL settings. Impact: exposure of artifact resolution traffic (no deta...

5.3CVSS5.3AI score0.00924EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/07/03 7:42 p.m.20 views

CVE-2019-12845

The generated Kotlin DSL settings allowed usage of an unencrypted connection for resolving artifacts. The issue was fixed in JetBrains TeamCity 2018.2.3...

6.2AI score0.00924EPSS
Exploits0References1
OSV
OSV
added 2019/02/18 11:58 p.m.10 views

GHSA-2HPJ-G53M-9GJ6 closure-util downloads Resources over HTTP

Affected versions of closure-util insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the...

8.1CVSS8.1AI score0.02546EPSS
Exploits0References3
OSV
OSV
added 2019/02/18 11:57 p.m.10 views

GHSA-QX9M-27WH-7FJG Downloads Resources over HTTP in jvminstall

Affected versions of jvminstall insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the...

9.3CVSS7.5AI score0.01682EPSS
Exploits0References3
Rows per page
Query Builder