PT-2026-45397

Missing authentication and clear‑text transmission of data from the heat pumps to the control server, combined with the absence of input validation on aggregated data, can lead to stored XSS that enables theft of cookies from the pump’s web control interface. Older Orca heat pump devices...

CVE-2026-4873

A vulnerability exists where a connection requiring TLS incorrectly reuses an existing unencrypted connection from the same connection pool. If an initial transfer is made in clear-text via IMAP, SMTP, or POP3, a subsequent request to that same host bypasses the TLS requirement and instead transm...

curl 安全漏洞

curl is an open-source tool developed by cURL, used for transferring data from or to a server. Curl has a security vulnerability, which stems from a logic error in connection reuse. This error may cause TLS-enabled connections to incorrectly reuse existing unencrypted connections, resulting in da...

CVE-2025-59852

HCL DFXAnalytics is affected by an Insufficient Transport Layer Protection vulnerability where data is transmitted over the network without encryption, which could allow an attacker to compromise the confidentiality, integrity, and authentication of sensitive information...

CVE-2025-59852

CVE-2025-59852 affects HCL DFXAnalytics. The vulnerability is described as Insufficient Transport Layer Protection, where data is transmitted over the network without encryption, potentially compromising the confidentiality, integrity, and authentication of sensitive information. The available do...

PT-2026-37440

HCL DFXAnalytics is affected by an Insufficient Transport Layer Protection vulnerability where data is transmitted over the network without encryption, which could allow an attacker to compromise the confidentiality, integrity, and authentication of sensitive information...

UBUNTU-CVE-2026-4873

A vulnerability exists where a connection requiring TLS incorrectly reuses an existing unencrypted connection from the same connection pool. If an initial transfer is made in clear-text via IMAP, SMTP, or POP3, a subsequent request to that same host bypasses the TLS requirement and instead transm...

CVE-2025-31981 HCL BigFix Service Management (SM) Discovery is vulnerable to unenforced encryption

HCL BigFix Service Management SM Discovery is vulnerable to unenforced encryption due to port 80 HTTP being open, allowing unencrypted access. An attacker with access to the network traffic can sniff packets from the connection and uncover the data...

CVE-2025-31981

HCL BigFix Service Management (SM) Discovery is affected by unenforced encryption caused by HTTP port 80 being open. An attacker with network access can sniff unencrypted traffic, potentially exposing data (Confidentiality impact: LOW per CVSS). The provided documents do not specify a remediation...

PT-2026-33984

HCL BigFix Service Management SM Discovery is vulnerable to unenforced encryption due to port 80 HTTP being open, allowing unencrypted access. An attacker with access to the network traffic can sniff packets from the connection and uncover the data...

JLSEC-2026-36

Odyssey passes to client unencrypted bytes from man-in-the-middle When Odyssey storage is configured to use the PostgreSQL server using 'trust' authentication with a 'clientcert' requirement or to use 'cert' authentication, a man-in-the-middle attacker can inject false responses to the client's...

Siemens APE1808 Exposure of Sensitive System Information to an Unauthorized Control Sphere (CVE-2025-4229)

An information disclosure vulnerability in the SD-WAN feature of Palo Alto Networks PAN-OS software enables an unauthorized user to view unencrypted data sent from the firewall through the SD-WAN interface. This requires the user to be able to intercept packets sent from the firewall. This plugin...

PT-2026-26712

Service information is not encrypted when transmitted as BACnet packets over the wire, and can be sniffed, intercepted, and modified by an attacker. Valuable information such as the File Start Position and File Data can be sniffed from network traffic using Wireshark's BACnet dissector filter. Th...

CVE-2024-43766

In multiple functions of btmblesec.cc, there is a possible unencrypted communication due to Invalid error handling. This could lead to remote proximal/adjacent information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-3221

Sensitive user account information is not encrypted in the database in Devolutions Server 2025.3.14 and earlier, which allows an attacker with access to the database to obtain sensitive user information via direct database access...

CVE-2026-3221

The CVE-2026-3221 entry affects Devolutions Server prior to or including 2025.3.14, where sensitive user account information is not encrypted in the database. This enables an attacker with direct database access to obtain sensitive data. The description does not specify exact data fields, affecte...

CVE-2026-3221

Sensitive user account information is not encrypted in the database in Devolutions Server 2025.3.14 and earlier, which allows an attacker with access to the database to obtain sensitive user information via direct database access...

CVE-2026-3221

Sensitive user account information is not encrypted in the database in Devolutions Server 2025.3.14 and earlier, which allows an attacker with access to the database to obtain sensitive user information via direct database access...

PT-2026-21978

Name of the Vulnerable Software and Affected Versions Devolutions Server versions 2025.3.14 and earlier Description Sensitive user account information is not encrypted in the database. An attacker gaining access to the database can obtain this sensitive information through direct database access...

PT-2026-8234

The RF communication protocol in the Micca KE700 car alarm system does not encrypt its data frames. An attacker with a radio interception tool e.g., SDR can capture the random number and counters transmitted in cleartext, which is sensitive information required for authentication...