libcurl 7.71.0 < 8.20.0 Cookie Leak via Stale Host Header

The version of libcurl installed on the remote host is 7.71.0 prior to 8.20.0. It is, therefore, affected by a cookie leak vulnerability: - When using the same connection handle for multiple HTTP requests, if a custom Host: header is removed in a subsequent request, the second request would use...

CVE-2025-0631 PowerFlex® 755 Credential Exposure Vulnerability

A Credential Exposure Vulnerability exists in the above-mentioned product and version. The vulnerability is due to using HTTP resulting in credentials being sent in clear text...

CVE-2023-23914

A cleartext transmission of sensitive information vulnerability exists in curl v7.88.0 that could cause HSTS functionality fail when multiple URLs are requested serially. Using its HSTS support, curl can be instructed to use HTTPS instead of usingan insecure clear-text HTTP step even when HTTP is...

Web Site Accepts Credit Card Data over cleartext HTTP

The remote web server contains at least one HTML form field that has an input of type 'cc-number' or similar. While this does not represent a risk to this web server per se, it does mean that the website may be accepting payment information. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...