16 matches found
CVE-2025-49196
A service supports the use of a deprecated and unsafe TLS version. This could be exploited to expose sensitive information, modify data in unexpected ways or spoof identities of other users or devices, affecting the confidentiality and integrity of the device...
CVE-2025-49196
A service supports the use of a deprecated and unsafe TLS version. This could be exploited to expose sensitive information, modify data in unexpected ways or spoof identities of other users or devices, affecting the confidentiality and integrity of the device...
CVE-2025-49198 Poor quality of randomness in authorization tokens
The Media Server’s authorization tokens have a poor quality of randomness. An attacker may be able to guess the token of an active user by computing plausible tokens...
CVE-2025-49197 Deprecated TLS version supported
The application uses a weak password hash function, allowing an attacker to crack the weak password hash to gain access to an FTP user account...
CVE-2025-49197
CVE-2025-49197 describes use of a weak password hash function that could allow an attacker to crack the hash and gain access to an FTP user account. Multiple sources (NVD, Red Hat, risk assessments) reiterate the same weakness and associated risk; no explicit vulnerability-fixed version or patch ...
CVE-2025-49196 Deprecated TLS version supported
A service supports the use of a deprecated and unsafe TLS version. This could be exploited to expose sensitive information, modify data in unexpected ways or spoof identities of other users or devices, affecting the confidentiality and integrity of the device...
CVE-2025-49196 Deprecated TLS version supported
A service supports the use of a deprecated and unsafe TLS version. This could be exploited to expose sensitive information, modify data in unexpected ways or spoof identities of other users or devices, affecting the confidentiality and integrity of the device...
CVE-2025-49196
CVE-2025-49196 is associated in connected sources with SICK Field Analytics and SICK Media Server, where the vulnerability stems from supporting a deprecated and unsafe TLS version. Impacts are described as affecting confidentiality and integrity; exploitation details are not provided, and public...
Data Interception And Manipulation
Gorush is vulnerable to Data Interception and Manipulation. The vulnerability is due to the use of a deprecated TLS version in the RunHTTPServer function within servernormal.go, which allows an attacker to intercept and manipulate data...
Gorush uses deprecated TLS versions
An issue discovered in the RunHTTPServer function in Gorush v1.18.4 allows attackers to intercept and manipulate data due to use of deprecated TLS version...
CVE-2024-41270
An issue discovered in the RunHTTPServer function in Gorush v1.18.4 allows attackers to intercept and manipulate data due to use of deprecated TLS version...
Gorush 安全漏洞
Gorush is a push notification server written in Go by Bo-Yi Wu, an individual developer. A security vulnerability exists in Gorush v1.18.4, which stems from the use of a deprecated version of TLS in the RunHTTPServer function. An attacker can use this vulnerability to intercept and manipulate dat...
CVE-2024-41270
An issue discovered in the RunHTTPServer function in Gorush v1.18.4 allows attackers to intercept and manipulate data due to use of deprecated TLS version...
CVE-2024-41270
An issue discovered in the RunHTTPServer function in Gorush v1.18.4 allows attackers to intercept and manipulate data due to use of deprecated TLS version...
CVE-2024-41270
CVE-2024-41270 affects Gorush (RunHTTPServer) in v1.18.4. The issue arises from using a deprecated TLS version, enabling an attacker to intercept and manipulate data. The connected sources (Red Hat, OSV, GHSA, Veracode, NVD, and related catalogs) consistently describe the same root cause and impa...
CVE-2023-41928 Remote server offers deprecated TLS protocol in Kiloview P1/P2 devices
The device is observed to accept deprecated TLS protocols, increasing the risk of cryptographic weaknesses...