Bluetooth Core Specification 安全漏洞

The Bluetooth Core Specification is a specification. Defines the technical building blocks used by developers to create the interoperable devices that make up the thriving Bluetooth ecosystem. It is overseen by the Bluetooth Special Interest Group SIG and regularly updated and enhanced by the...

CVE-2022-45480

PC Keyboard WiFi & Bluetooth allows an attacker in a man-in-the-middle position between the server and a connected device to see all data including keypresses in cleartext. CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N...

CVE-2021-35246 Unprotected Transport of Credentials (HSTS) Vulnerability

The application fails to prevent users from connecting to it over unencrypted connections. An attacker able to modify a legitimate user's network traffic could bypass the application's use of SSL/TLS encryption and use the application as a platform for attacks against its users...

CVE-2022-23678

A vulnerability in the Aruba Virtual Intranet Access VIA client for Microsoft Windows operating system client communications that could allow for an attacker in a privileged network position to intercept sensitive information in Aruba Virtual Intranet Access VIA client for Microsoft Windows...

The vulnerability of the Illumina Local Run Manager software lies in the absence of an authentication process, which allows attackers to infiltrate, replicate, modify, and/or intercept confidential data.

The vulnerability of the Illumina Local Run Manager software lies in the absence of an authentication process. Exploiting this vulnerability allows a malicious actor to remotely infiltrate, replicate, modify, and/or intercept sensitive data...

CVE-2022-1521

LRM does not implement authentication or authorization by default. A malicious actor can inject, replay, modify, and/or intercept sensitive data...

PT-2022-4353 · Illumina · Illumina Local Run Manager

Name of the Vulnerable Software and Affected Versions: Illumina Local Run Manager affected versions not specified Description: The issue is related to the lack of authentication or authorization procedures in the software. This allows a malicious actor to inject, replay, modify, and/or intercept...

The vulnerability of Siemens SICAM P850 and Siemens SICAM P855 multifunctional measuring devices, which stems from the transmission of data in an open manner via the HTTP protocol, allows attackers to intercept traffic and disrupt the operation of the devices.

The vulnerability of Siemens SICAM P850 and Siemens SICAM P855 multifunctional measuring devices lies in the transmission of data in an open manner via the HTTP protocol. Exploiting this vulnerability can allow a remote attacker to intercept traffic and disrupt the operation of the device...

CVE-2021-27768

Using the ability to perform a Man-in-the-Middle MITM attack, which indicates a lack of hostname verification, sensitive account information was able to be intercepted. In this specific scenario, the application's network traffic was intercepted using a proxy server set up in 'transparent' mode...

USN-5360-1 tomcat9 vulnerabilities

It was discovered that Tomcat incorrectly performed input verification. A remote attacker could possibly use this issue to intercept sensitive information. CVE-2020-13943, CVE-2020-17527, CVE-2021-25122, CVE-2021-30640 It was discovered that Tomcat did not properly deserialize untrusted data. An...

PT-2022-8710 · Ge · Ge Reason Rt430 +2

Name of the Vulnerable Software and Affected Versions: GE Reason RT430, RT431 & RT434 GNSS clocks versions prior to 08A06 Description: The issue allows attackers to intercept and decrypt encrypted traffic through an HTTPS connection by having access to the hard-coded cryptographic key. This could...

CVE-2020-10627

Insulet Omnipod Insulin Management System insulin pump product ID 19191 and 40160 is designed to communicate using a wireless RF with an Insulet manufactured Personal Diabetes Manager device. This wireless RF communication protocol does not properly implement authentication or authorization. An...

Authentication flaw

Insulet Omnipod Insulin Management System insulin pump product ID 19191 and 40160 is designed to communicate using a wireless RF with an Insulet manufactured Personal Diabetes Manager device. This wireless RF communication protocol does not properly implement authentication or authorization. An...

CVE-2020-10627

Insulet Omnipod Insulin Management System insulin pump product ID 19191 and 40160 is designed to communicate using a wireless RF with an Insulet manufactured Personal Diabetes Manager device. This wireless RF communication protocol does not properly implement authentication or authorization. An...

IBM QRadar Network Security 安全漏洞

IBM QRadar Network Security is a network security manager from IBM USA, Inc. used to provide better visibility and control over activities and users on the network, while using deep packet inspection, heuristics and behavior-based analysis to detect and prevent advanced threats.A security...

What is Eavesdropping Attack❓ Definition, Types and Prevention

Eavesdropping can be defined as the demonstration of quietly catching a discussion among arbitrary outsiders; albeit discourteous, what mischief might it actually do? All things considered, very little in case somebody is simply honestly paying attention to a discussion that intrigues them...

Philips Vue PACS 安全漏洞

Philips Vue PACS is an image management solution from Philips Europe. Philips Vue PACS suffers from a security vulnerability that arises from the software transmitting sensitive or security-critical data in clear text, a communication channel that can be sniffed by unauthorized actors...

Stalkerware Apps Riddled with Security Bugs

Android stalkerware apps – used to surreptitiously track people’s movements and digital activities – turn out to themselves be rife with security holes that put victims in even danger. Stalkerware can track the GPS location of a victim’s device, record conversations, capture images and snoop on...

VulnCheck KEV: CVE-2019-5591

Fortinet FortiOS contains a default configuration vulnerability that may allow an unauthenticated attacker on the same subnet to intercept sensitive information by impersonating the Lightweight Directory Access Protocol LDAP server...

CVE-2020-25169

The CVE-2020-25169 issue affects Reolink P2P cameras, where data transferred between the local device and Reolink servers may be exposed due to cleartext transmission of sensitive information. The advisory notes a high risk with CVSS v3 base score up to 9.1 (ATT&CK context not explicitly listed i...