66 matches found
CVE-2021-22703
A CWE-319: Cleartext transmission of sensitive information vulnerability exists in PowerLogic ION7400, ION7650, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 see notification for affected versions, that could cause disclosure of user credentials when a malicious actor intercepts HTT...
EUVD-2020-28613
Malware in sbrugna...
EUVD-2019-16399
Malware in sbrugna...
EUVD-2019-16400
Malware in sbrugna...
EUVD-2021-9838
Malicious code in bioql PyPI...
EUVD-2022-49476
Malicious code in bioql PyPI...
EUVD-2021-9837
Malicious code in bioql PyPI...
CVE-2020-7488
A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists which could leak sensitive information transmitted between the software and the Modicon M218, M241, M251, and M258 controllers...
CVE-2019-6845
A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists in Modicon M580, Modicon M340, Modicon Premium , Modicon Quantum all firmware versions, which could cause the disclosure of information when transferring applications to the controller using Modbus TCP protocol...
CVE-2019-6846
A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists in Modicon M580, Modicon M340, Modicon BMxCRA and 140CRA modules all firmware versions, which could cause information disclosure when using the FTP protocol...
Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities
Summary IBM QRadar SIEM includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. These have been addressed in the update. Vulnerability Details CVEID:CVE-2023-31346 DESCRIPTION: AMD SEV-SNP Firmware could allow a local authenticated...
Security Advisory 0113
Security Advisory 0113 . CSAF PDF Date: April 8, 2025 Revision | Date | Changes ---|---|--- 1.0 | April 8, 2025 | Initial release The CVE-ID tracking this issue: CVE-2024-12378 CVSSv3.1 Base Score: 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N Common Weakness Enumeration: CWE-319: Cleartext...
CVE-2025-1060
CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists that could result in the exposure of data when network traffic is being sniffed by an attacker...
CVE-2025-1060
CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists that could result in the exposure of data when network traffic is being sniffed by an attacker...
CVE-2025-1060
CVE-2025-1060 concerns Schneider Electric ASCO 5310/5350 Remote Annunciator. The vulnerability is CWE-319: Cleartext Transmission of Sensitive Information, potentially exposing data if network traffic is sniffed. Affected product family: Schneider Electric ASCO 5310/5350 Remote Annunciators (stan...
IDEC Products (Update A)
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION : Low Attack Complexity Vendor : IDEC Corporation Equipment : IDEC PLCs Vulnerabilities : Cleartext Transmission of Sensitive Information, Generation of Predictable Identifiers 2. RISK EVALUATION Successful exploitation of these vulnerabilities...
Rancher Authenticated API Credential Exposure
An issue was discovered in Rancher versions up to and including 2.5.15 and 2.6.6 where sensitive fields, like passwords, API keys and Ranchers service account token used to provision clusters, were stored in plaintext directly on Kubernetes objects like Clusters, for example...
Siemens RUGGEDCOM APE1808 with Fortigate NGFW Devices
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
PortSwigger Web Security: Title: Deceptive Manipulation of HTTP to HTTPS with VPN in Burp Suite
Vulnerability description not provided...
Open Automation Software OAS Platform OAS Engine authentication bypass vulnerability
Talos Vulnerability Report TALOS-2023-1770 Open Automation Software OAS Platform OAS Engine authentication bypass vulnerability September 5, 2023 CVE Number CVE-2023-34998 SUMMARY An authentication bypass vulnerability exists in the OAS Engine functionality of Open Automation Software OAS Platfor...