Lucene search

429 matches found

Positive Technologies
added 2026/01/06 12:0 a.m. | 9 views

PT-2026-1448

QiHang Media Web Digital Signage 3.0.9 contains a sensitive information disclosure vulnerability that allows remote attackers to intercept user authentication credentials through cleartext cookie transmission. Attackers can perform man-in-the-middle attacks to capture and potentially misuse store...

CVSS 8.6 | AI score 6.4 | EPSS 0.0028
Exploits: 1 | References: 7

Redos
added 2025/12/26 12:0 a.m. | 8 views

ROS-20251226-7307

A vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird email client is related to the use of insecure mechanisms for processing authentication data in the operating system memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

CVSS 6.5 | AI score 7.7 | EPSS 0.0021
Exploits: 0

CNVD
added 2025/12/25 12:0 a.m. | 2 views

Apache StreamPark Weak Algorithm Vulnerability

Apache StreamPark is a streaming media application development framework from the Apache Foundation in the United States. Apache StreamPark suffers from a weak-algorithm vulnerability that stems from the use of weak encryption algorithms, which can be exploited by an attacker to expose sensitive...

CVSS 7.5 | AI score 7.1 | EPSS 0.00216
Exploits: 0 | References: 1

Tenable Nessus
added 2025/12/19 12:0 a.m. | 5 views

Konica Bizhub Multifunction Printers Exposure of Sensitive Information to an Unauthorized Actor (CVE-2021-20871)

If a scanning destination that requires the registration of authentication information, such as FTP, SMB, or WebDAV, is registered in the address book of a multifunction printer, a remote attacker could steal the registered authentication information by sending a specific SOAP message...

CVSS 6.5 | AI score 6.5 | EPSS 0.0052
Exploits: 0 | References: 3

EUVD
added 2025/12/12 3:30 p.m. | 5 views

EUVD-2025-203081

Apache StreamPark uses a Weak Encryption Algorithm...

CVSS 7.5 | AI score 6.4 | EPSS 0.00216
Exploits: 0 | References: 4

CNNVD
added 2025/12/12 12:0 a.m. | 5 views

Apache StreamPark Security Vulnerability

Apache StreamPark is a streaming media application development framework from the Apache Foundation in the United States. Apache StreamPark suffers from a weak-algorithm vulnerability that stems from the use of weak encryption algorithms, which can be exploited by an attacker to expose sensitive...

CVSS 7.5 | AI score 7 | EPSS 0.00216
Exploits: 0 | References: 2

Tenable Nessus
added 2025/12/04 12:0 a.m. | 7 views

AI Service Secret Disclosure

Most web applications rely on various public services to provide features to their users. In secure designs, consuming these private or cloud services requires authentication material such as API keys and private keys, username-and-password credentials, and similar sensitive data. Developers...

AI score 7.6
Exploits: 0 | References: 1

Tenable Nessus
added 2025/12/04 12:0 a.m. | 9 views

Third-Party Service Secret Disclosure

Most web applications rely on various public services to provide features to their users. In secure designs, consuming these private or cloud services requires authentication material such as API keys and private keys, username-and-password credentials, and similar sensitive data. Developers...

AI score 7.6
Exploits: 0 | References: 1

CVE
added 2025/11/27 3:55 p.m. | 135 views

CVE-2025-12419

Mattermost contains an OAuth/OpenID Connect validation flaw where OAuth state tokens are not properly validated during authentication, enabling an authenticated attacker with team-creation privileges to take over a user account by manipulating data in the OAuth completion flow. The issue affects ...

CVSS 9.9 | AI score 6.4 | EPSS 0.0031
Exploits: 0 | References: 1 | Affected Software: 1

SUSE Linux
added 2025/10/31 5:8 p.m. | 5 views

Security update for squid

This update for squid fixes the following issues: CVE-2025-62168: Fixed proxy auth data visible to scripts bsc1252281. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command list...

CVSS 8.6 | AI score 7 | EPSS 0.6332
Exploits: 1 | References: 4

NVD
added 2025/10/31 4:15 p.m. | 11 views

CVE-2025-12508

When using domain users as BRAIN2 users, communication with Active Directory services is unencrypted. This can lead to the interception of authentication data and compromise confidentiality...

CVSS 8.4 | EPSS 0.00192
Exploits: 0 | References: 1

CVE
added 2025/10/31 3:49 p.m. | 16 views

CVE-2025-12508

CVE-2025-12508 affects BRAIN2: when domain users act as BRAIN2 users, communication with Active Directory services is unencrypted, risking interception of authentication data and confidentiality. Documents consistently identify BRAIN2 as the affected software and describe the unencrypted AD traff...

CVSS 8.4 | AI score 6.6 | EPSS 0.00192
Exploits: 0 | References: 1

Cvelist
added 2025/10/31 3:49 p.m. | 9 views

CVE-2025-12508 Unencrypted communication to Active Directory services

When using domain users as BRAIN2 users, communication with Active Directory services is unencrypted. This can lead to the interception of authentication data and compromise confidentiality...

CVSS 8.4 | EPSS 0.00192
Exploits: 0 | References: 1

Vulnrichment
added 2025/10/31 3:49 p.m. | 3 views

CVE-2025-12508 Unencrypted communication to Active Directory services

When using domain users as BRAIN2 users, communication with Active Directory services is unencrypted. This can lead to the interception of authentication data and compromise confidentiality...

CVSS 8.4 | AI score 6.6 | EPSS 0.00192
Exploits: 0 | References: 1

Debian
added 2025/10/30 7:54 p.m. | 7 views

[SECURITY] [DSA 6047-1] squid security update

Debian Security Advisory DSA-6047-1 https://www.debian.org/security/ Moritz Muehlenhoff October 30, 2025 https://www.debian.org/security/faq ...

CVSS 10 | AI score 6.5 | EPSS 0.6332
Exploits: 1

Tenable Nessus
added 2025/10/30 12:0 a.m. | 5 views

Debian dsa-6047 : squid - security update

The remote Debian 12 / 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6047 advisory. Debian Security Advisory DSA-6047-1 https://www.debian.org/security/...

CVSS 10 | AI score 5.5 | EPSS 0.6332
Exploits: 1 | References: 5

EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2012-0823

Malware in sbrugna...

CVSS 4 | AI score 6.1 | EPSS 0.01118
Exploits: 0 | References: 6

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2021-27114

Malware in sbrugna...

CVSS 6.8 | AI score 5.7 | EPSS 0.00941
Exploits: 1 | References: 4

EUVD
added 2025/10/07 12:30 a.m. | 7 views

EUVD-2019-2157

Malware in sbrugna...

CVSS 7.5 | AI score 7.8 | EPSS 0.02159
Exploits: 1 | References: 4

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2008-1529

Malware in sbrugna...

CVSS 4 | AI score 6.4 | EPSS 0.01064
Exploits: 0 | References: 5