25 matches found
CVE-2026-3012 Samba: group policy certificate enrollment uses http:// without validation
A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store without proper verification. An attacker with the ability t...
EUVD-2026-30113
Exposure of the QKEY used as input into the ‘OTA-Quantum’ device registration process and internal system keys via an unauthenticated and unencrypted HTTP GET method in the Arqit Symmetric Key Agreement Platform. This issue affects Symmetric Key Agreement Platform: before 26.03...
CVE-2026-41275
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the password reset functionality on cloud.flowiseai.com sends a reset password link over the unsecured HTTP protocol instead of HTTPS. This behavior introduces the risk of a man-in-the-middle...
EUVD-2023-25388
Malicious code in bioql PyPI...
EUVD-2023-25387
Malicious code in bioql PyPI...
Replay Attack
Overview salt is a new approach to infrastructure management built on a dynamic communication bus. Salt can be used for data-driven orchestration, remote execution for any infrastructure, configuration management for any app stack, and much more. Affected versions of this package are vulnerable t...
CVE-2023-21220
there is a possible use of unencrypted transport over cellular networks due to an insecure default value. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroi...
CVE-2023-21219
there is a possible use of unencrypted transport over cellular networks due to an insecure default value. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroi...
CVE-2023-21220
there is a possible use of unencrypted transport over cellular networks due to an insecure default value. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroi...
CVE-2023-21219
there is a possible use of unencrypted transport over cellular networks due to an insecure default value. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroi...
CVE-2023-21220
there is a possible use of unencrypted transport over cellular networks due to an insecure default value. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroi...
CVE-2023-21219
there is a possible use of unencrypted transport over cellular networks due to an insecure default value. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroi...
Information disclosure
there is a possible use of unencrypted transport over cellular networks due to an insecure default value. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroi...
Information disclosure
there is a possible use of unencrypted transport over cellular networks due to an insecure default value. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroi...
PT-2023-18006 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue involves the possible use of unencrypted transport over cellular networks due to an insecure default value, which could lead to remote information disclosure without requiring additional execution...
CVE-2023-21219
CVE-2023-21219 affects the Android kernel (Pixel/Android devices) where an insecure default enables unencrypted transport over cellular networks, potentially allowing remote information disclosure without extra privileges. Exploitation is described as network-based with no user interaction, and t...
CVE-2023-21219
there is a possible use of unencrypted transport over cellular networks due to an insecure default value. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroi...
PT-2023-18007 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel Description: The issue involves the possible use of unencrypted transport over cellular networks due to an insecure default value, potentially leading to remote information disclosure without requiring additional execution...
CVE-2023-21220
there is a possible use of unencrypted transport over cellular networks due to an insecure default value. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroi...
CVE-2023-21220
Technical details about CVE-2023-21220 are not publicly provided in the supplied documents. Information about affected components, root cause, and fixes is not disclosed here. Monitor for updates.