16 matches found
EUVD-2020-25339
Malware in sbrugna...
EUVD-2024-35155
Malicious code in bioql PyPI...
EUVD-2024-39189
Malicious code in bioql PyPI...
CVE-2024-34162
The web interface of the affected devices is designed to hide the LDAP credentials even for administrative users. But configuring LDAP authentication to "SIMPLE", the device communicates with the LDAP server in clear-text. The LDAP password can be retrieved from this clear-text communication. As...
CVE-2020-4092
"If port encryption is not enabled on the Domino Server, HCL Nomad on Android and iOS Platforms will communicate in clear text and does not currently have a user interface option to change the setting to request an encrypted communication channel with the Domino server. This can potentially expos...
CVE-2024-34162
The web interface of the affected devices is designed to hide the LDAP credentials even for administrative users. But configuring LDAP authentication to "SIMPLE", the device communicates with the LDAP server in clear-text. The LDAP password can be retrieved from this clear-text communication. As...
CVE-2024-34162
The web interface of the affected devices is designed to hide the LDAP credentials even for administrative users. But configuring LDAP authentication to "SIMPLE", the device communicates with the LDAP server in clear-text. The LDAP password can be retrieved from this clear-text communication. As...
CVE-2024-34162
The CVE-2024-34162 entry relates to Sharp MFPs (multifunction printers). The issue is that when LDAP authentication is configured to SIMPLE, the web interface communicates with the LDAP server in clear text, allowing retrieval of the LDAP password from that traffic. Public documents consistently ...
CVE-2024-34162
The web interface of the affected devices is designed to hide the LDAP credentials even for administrative users. But configuring LDAP authentication to "SIMPLE", the device communicates with the LDAP server in clear-text. The LDAP password can be retrieved from this clear-text communication. As...
CVE-2024-41798
A vulnerability has been identified in SENTRON 7KM PAC3200 All versions. Affected devices only provide a 4-digit PIN to protect from administrative access via Modbus TCP interface. Attackers with access to the Modbus TCP interface could easily bypass this protection by brute-force attacks or by...
CVE-2024-41798
A vulnerability has been identified in SENTRON 7KM PAC3200 All versions. Affected devices only provide a 4-digit PIN to protect from administrative access via Modbus TCP interface. Attackers with access to the Modbus TCP interface could easily bypass this protection by brute-force attacks or by...
Unspecified Vulnerability in Nitrokey FIDO U2F
Nitrokey FIDO2 is an open source security key that supports FIDO2 and U2F standards for strong two-factor authentication and passwordless login. A security vulnerability exists in Nitrokey FIDO U2F firmware version 1.1 and prior versions, which stems from the fact that communications between the...
CVE-2020-12040
CVE-2020-12040 affects Sigma Spectrum Infusion System v6.x (model 35700BAX) and Baxter Spectrum Infusion System v8.x (model 35700BAX2); root cause is unauthenticated clear-text transmission of system status and operational data at the application layer, enabling eavesdropping or MiTM if network c...
CVE-2020-12040
Sigma Spectrum Infusion System v's6.x model 35700BAX and Baxter Spectrum Infusion System Versions 8.x model 35700BAX2 at the application layer uses an unauthenticated clear-text communication channel to send and receive system status and operational data. This could allow an attacker that has...
CVE-2020-4092
"If port encryption is not enabled on the Domino Server, HCL Nomad on Android and iOS Platforms will communicate in clear text and does not currently have a user interface option to change the setting to request an encrypted communication channel with the Domino server. This can potentially expos...
Lotus Sametime 8.5.1 - Password Disclosure
Lotus Sametime 8.5.1 - Password Disclosure Exploit Title: Post Exploitation - Getting username and password in the Lotus Sametime 8.5.1 Google Dork: n/a Date: 18/02/2014 Exploit Author: Adriano Marcio Monteiro Vendor Homepage: http://www.ibm.com/us/en/ Software Link:...