Lucene search
K

394 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 6:50 a.m.5 views

CVE-2024-55582

Oxide before 6 has unencrypted Control Plane datastores...

5.7CVSS7AI score0.00126EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:55 a.m.7 views

CVE-2022-3781

Dashlane password and Keepass Server password in My Account Settings are not encrypted in the database in Devolutions Remote Desktop Manager 2022.2.26 and prior versions and Devolutions Server 2022.3.1 and prior versions which allows database users to read the data. This issue affects : Remote...

6.5CVSS7AI score0.00434EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:32 a.m.10 views

CVE-2022-29945

DJI drone devices sold in 2017 through 2022 broadcast unencrypted information about the drone operator's physical location via the AeroScope protocol...

7.5CVSS6.5AI score0.00659EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:6 p.m.8 views

CVE-2020-4497

IBM Spectrum Protect Plus 10.1.0 through 10.1.12 discloses sensitive information due to unencrypted data being used in the communication flow between Spectrum Protect Plus vSnap and its agents. An attacker could obtain information using main in the middle techniques. IBM X-Force ID: 182106...

6.8CVSS6AI score0.00387EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 3:40 p.m.13 views

CVE-2020-5879

On BIG-IP ASM 11.6.1-11.6.5.1, under certain configurations, the BIG-IP system sends data plane traffic to back-end servers unencrypted, even when a Server SSL profile is applied...

7.5CVSS6.8AI score0.00792EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:32 a.m.5 views

CVE-2019-14808

An issue was discovered in the RENPHO application 3.0.0 for iOS. It transmits JSON data unencrypted to a server without an integrity check, if a user changes personal data in his profile tab e.g., exposure of his birthday or logs into his account i.e., exposure of credentials...

6.8CVSS6.9AI score0.01337EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:41 a.m.9 views

CVE-2019-18989

A partial authentication bypass vulnerability exists on Mediatek MT7620N 1.06 devices. The vulnerability allows sending an unencrypted data frame to a WPA2-protected WLAN router where the packet is routed through the network. If successful, a response is sent back as an encrypted frame, which wou...

6.1CVSS6.7AI score0.00751EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:24 a.m.8 views

CVE-2019-18990

A partial authentication bypass vulnerability exists on Realtek RTL8812AR 1.21WW, RTL8196D 1.0.0, RTL8192ER 2.10, and RTL8881AN 1.09 devices. The vulnerability allows sending an unencrypted data frame to a WPA2-protected WLAN router where the packet is routed through the network. If successful, a...

6.1CVSS6.8AI score0.00751EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:46 a.m.7 views

CVE-2019-10351

Jenkins Caliper CI Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...

8.8CVSS6.7AI score0.01632EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:41 a.m.8 views

CVE-2019-10099

Prior to Spark 2.3.3, in certain situations Spark would write user data to local disk unencrypted, even if spark.io.encryption.enabled=true. This includes cached blocks that are fetched to disk controlled by spark.maxRemoteBlockSizeFetchToMem; in SparkR, using parallelize; in Pyspark, using...

7.5CVSS6.6AI score0.01291EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:52 a.m.9 views

CVE-2019-18991

A partial authentication bypass vulnerability exists on Atheros AR9132 3.60AMX.8, AR9283 1.85, and AR9285 1.0.0.12NA devices. The vulnerability allows sending an unencrypted data frame to a WPA2-protected WLAN router where the packet is routed through the network. If successful, a response is sen...

6.1CVSS6.8AI score0.0046EPSS
Exploits0References1
CNVD
CNVD
added 2025/05/20 12:0 a.m.2 views

GNU GRUB Access Control Error Vulnerability

GNU GRUB is a Linux system boot program from the GNU community. An Access Control Error vulnerability exists in GNU GRUB, which stems from GRUB not clearing the key in memory during automatic TPM decryption, and can be exploited by an attacker to obtain unencrypted data...

5.9CVSS6.8AI score0.00309EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/16 7:8 p.m.20 views

CVE-2025-0136

Using the AES-128-CCM algorithm for IPSec on certain Palo Alto Networks PAN-OS® firewalls PA-7500, PA-5400, PA-5400f, PA-3400, PA-1600, PA-1400, and PA-400 Series leads to unencrypted data transfer to devices that are connected to the PAN-OS firewall through IPSec. This issue does not affect Clou...

5.3CVSS7AI score0.00129EPSS
Exploits0References3
Pen Test Partners Blog
Pen Test Partners Blog
added 2025/05/16 5:30 a.m.11 views

VNC. RDP for all to see

TL;DR VNC still remains in some legacy environments due to legacy deployments and ease of use. Without proprietary extensions, VNC transmits data without encryption, making credential theft through packet sniffing possible. The captured challenge and response between a VNC client and server can...

7.2AI score
Exploits0
NVD
NVD
added 2025/05/14 7:15 p.m.24 views

CVE-2025-0136

Using the AES-128-CCM algorithm for IPSec on certain Palo Alto Networks PAN-OS® firewalls PA-7500, PA-5400, PA-5400f, PA-3400, PA-1600, PA-1400, and PA-400 Series leads to unencrypted data transfer to devices that are connected to the PAN-OS firewall through IPSec. This issue does not affect Clou...

5.3CVSS0.00129EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/14 6:12 p.m.30 views

CVE-2025-0136 PAN-OS: Unencrypted Data Transfer when using AES-128-CCM on Intel-based hardware devices

Using the AES-128-CCM algorithm for IPSec on certain Palo Alto Networks PAN-OS® firewalls PA-7500, PA-5400, PA-5400f, PA-3400, PA-1600, PA-1400, and PA-400 Series leads to unencrypted data transfer to devices that are connected to the PAN-OS firewall through IPSec. This issue does not affect Clou...

5.3CVSS7.3AI score0.00129EPSS
Exploits0References1
CVE
CVE
added 2025/05/14 6:12 p.m.50 views

CVE-2025-0136

CVE-2025-0136 affects PAN-OS on Intel-based Palo Alto Networks firewalls (PA-7500, PA-5400/5400f, PA-3400, PA-1600, PA-1400, PA-400). The issue arises from using AES-128-CCM for IPSec, which leads to unencrypted data transfer between devices connected to the PAN-OS firewall through IPSec. Affecte...

5.3CVSS6.7AI score0.00129EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/14 6:12 p.m.34 views

CVE-2025-0136 PAN-OS: Unencrypted Data Transfer when using AES-128-CCM on Intel-based hardware devices

Using the AES-128-CCM algorithm for IPSec on certain Palo Alto Networks PAN-OS® firewalls PA-7500, PA-5400, PA-5400f, PA-3400, PA-1600, PA-1400, and PA-400 Series leads to unencrypted data transfer to devices that are connected to the PAN-OS firewall through IPSec. This issue does not affect Clou...

5.3CVSS0.00129EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.9 views

Palo Alto Networks PAN-OS 10.1.x < 10.1.14-h14 / 10.2.x < 10.2.11 / 11.0.x < 11.0.7 / 11.1.x < 11.1.5 Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is 10.1.x prior to 10.1.14-h14, 10.2.x prior to 10.2.11, 11.0.x prior to 11.0.7, or 11.1.x prior to 11.1.5. It is, therefore, affected by a vulnerability. Using the AES-128-CCM algorithm for IPSec on certain Palo Alto Networks...

5.3CVSS5.5AI score0.00129EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/05/13 12:0 a.m.4 views

Siemens SIRIUS 3RK3 Modular Safety System和Siemens SIRIUS Safety Relays 3SK2 安全漏洞

Siemens SIRIUS 3RK3 Modular Safety System and Siemens SIRIUS Safety Relays 3SK2 are both products of Siemens, Germany.Siemens SIRIUS 3RK3 Modular Safety System is a modular safety control system. Siemens SIRIUS Safety Relays 3SK2 is a safety relay. A security vulnerability exists in the Siemens...

8.7CVSS6.6AI score0.00225EPSS
Exploits0References1
Rows per page
Query Builder