CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

68 matches found

EUVD•added 2026/05/27 8:29 a.m.•7 views

EUVD-2024-55595

Cleartext transmission of sensitive information vulnerability in Export Key functionality in Synology Surveillance Station before 9.2.2-11575 and 9.2.2-9575 allows remote authenticated users with administrator privileges to obtain sensitive information via unspecified vectors...

4.9CVSS5.8AI score0.00021EPSS

Exploits0References1

Positive Technologies•added 2026/05/27 12:0 a.m.•4 views

PT-2026-43580

Name of the Vulnerable Software and Affected Versions Synology Surveillance Station versions prior to 9.2.2-11575 Synology Surveillance Station versions prior to 9.2.2-9575 Description The Export Key functionality contains a flaw that allows the cleartext transmission of sensitive information. Th...

4.9CVSS5.8AI score0.00021EPSS

Exploits0References3

EUVD•added 2026/04/14 8:8 a.m.•1 views

EUVD-2026-22227

Cleartext Transmission of Sensitive Information vulnerability in Apache APISIX. tencent-cloud-cls log export uses plaintext HTTP This issue affects Apache APISIX: from 2.99.0 through 3.15.0. Users are recommended to upgrade to version 3.16.0, which fixes the issue...

5.3CVSS5.8AI score0.00059EPSS

Exploits0References1

Cvelist•added 2026/02/17 7:32 p.m.•22 views

CVE-2025-27903 Multiple vulnerabilities in IBM Java SDK affecting Db2 Recovery Expert for Linux, Unix and Windows

IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 IBM Db2 Recovery Expert for Linux, UNIX and Windows transmits data in a cleartext communication channel that could allow an attacker to obtain sensitive information using man in the middle techniques...

5.9CVSS0.00016EPSS

Exploits0References1

CVE•added 2026/02/05 11:38 a.m.•5 views

CVE-2026-1966

CVE-2026-1966 affects YugabyteDB Anywhere. An authenticated user with access to the configuration view can see LDAP bind passwords configured via gflags in cleartext in the web UI, enabling potential unauthorized access to external directory services. The issue is described consistently across so...

2.4CVSS5.4AI score0.00008EPSS

Exploits0References1

Cvelist•added 2026/02/05 11:38 a.m.•24 views

CVE-2026-1966 YugabyteDB Anywhere Exposes LDAP Credentials in Cleartext in Web UI

YugabyteDB Anywhere displays LDAP bind passwords configured via gflags in cleartext within the web UI. An authenticated user with access to the configuration view could obtain LDAP credentials, potentially enabling unauthorized access to external directory services...

2.4CVSS0.00008EPSS

Exploits0References1

ATTACKERKB•added 2026/02/03 2:22 a.m.•2 views

CVE-2026-24933

The API communication component fails to validate the SSL/TLS certificate when sending HTTPS requests to the server. An improper certificates validation vulnerability allows an unauthenticated remote attacker can perform a Man-in-the-Middle MitM attack to intercept the cleartext communication,...

8.9CVSS5.6AI score0.00011EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2026/02/02 8:10 p.m.•1 views

CVE-2026-1777 Cleartext transmission of sensitive materials in aws/sagemaker-python-sdk

The Amazon SageMaker Python SDK before v3.2.0 and v2.256.0 includes the ModelBuilder HMAC signing key in the cleartext response elements of the DescribeTrainingJob function. A third party with permissions to both call this API and permissions to modify objects in the Training Jobs S3 output...

8.5CVSS5.6AI score0.00019EPSS

Exploits0References4

Cvelist•added 2026/02/02 8:10 p.m.•20 views

CVE-2026-1777 Cleartext transmission of sensitive materials in aws/sagemaker-python-sdk

8.5CVSS0.00019EPSS

Exploits0References4

NVD•added 2026/01/29 9:16 a.m.•4 views

CVE-2026-23564

A vulnerability in TeamViewer DEX Client former 1E Client - Content Distribution Service NomadBranch.exe prior version 26.1 for Windows allows an attacker on the adjacent network to cause normally encrypted UDP traffic to be sent in cleartext. This can result in disclosure of sensitive informatio...

6.5CVSS0.00015EPSS

Exploits0References1

Cvelist•added 2026/01/23 8:54 a.m.•25 views

CVE-2026-22271

Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior to 4.2.0.0, contains a Cleartext Transmission of Sensitive Information vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to information exposure...

7.5CVSS0.00025EPSS

Exploits0References1

RedhatCVE•added 2025/12/25 7:12 p.m.•2 views

CVE-2025-36154

IBM Concert 1.0.0 through 2.1.0 stores sensitive information in cleartext during recursive docker builds which could be obtained by a local user...

6.2CVSS7.1AI score0.00006EPSS

Exploits0References1

Tenable Nessus•added 2025/11/13 12:0 a.m.•2 views

Siemens SIMATIC S7-1500 Cleartext Transmission of Sensitive Information (CVE-2021-22946)

A user can tell curl = 7.20.0 and = 7.20.0 and = 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server --ssl- reqd on the command line orCURLOPTUSESSL set to CURLUSESSLCONTROL or CURLUSESSLALL withlibcurl. This requirement...

7.5CVSS6.6AI score0.00063EPSS

Exploits1References8

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2006-3828

Malware in sbrugna...

5CVSS6.4AI score0.00343EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-3371

Malware in sbrugna...

7.5CVSS7.5AI score0.00305EPSS

Exploits0References5