30 matches found
CVE-2023-53881
ReyeeOS 1.204.1614 contains an unencrypted CWMP communication vulnerability that allows attackers to intercept and manipulate device communication through a man-in-the-middle attack. Attackers can create a fake CWMP server to inject and execute arbitrary commands on Ruijie Reyee Cloud devices by...
CVE-2023-53881 ReyeeOS 1.204.1614 Man-in-the-Middle Remote Code Execution via CWMP
ReyeeOS 1.204.1614 contains an unencrypted CWMP communication vulnerability that allows attackers to intercept and manipulate device communication through a man-in-the-middle attack. Attackers can create a fake CWMP server to inject and execute arbitrary commands on Ruijie Reyee Cloud devices by...
PT-2025-51299
Name of the Vulnerable Software and Affected Versions: ReyeeOS version 1.204.1614 Description: ReyeeOS version 1.204.1614 contains an unencrypted CWMP communication issue that allows attackers to intercept and manipulate device communication through a man-in-the-middle attack. Attackers can create ...
EUVD-2019-13499
Malware in sbrugna...
EUVD-2023-58508
Malicious code in bioql PyPI...
CVE-2023-6263
An issue was discovered by the IPVM team in Network Optix NxCloud before 23.1.0.40440. It was possible to add a fake VMS server to NxCloud by using the exact identification of a legitimate VMS server. As a result, it was possible to retrieve authorization headers from legitimate users when the legitima...
The XWiki JIRA extension allows data leak through an XXE attack by using a fake JIRA server
Impact If the JIRA macro is installed, any logged in XWiki user could edit his/her user profile wiki page and use that JIRA macro, specifying a fake JIRA URL that returns an XML specifying a DOCTYPE pointing to a local file on the XWiki server host and displaying that file's content in one of the...
CVE-2025-1868
Vulnerability of unauthorized exposure of confidential information affecting Advanced IP Scanner and Advanced Port Scanner. It occurs when these applications initiate a network scan, inadvertently sending the NTLM hash of the user performing the scan. This vulnerability can be exploited by...
CVE-2025-1868
CVE-2025-1868 describes an NTLM leakage vulnerability in Famatech’s Advanced IP Scanner and Advanced Port Scanner. When a network scan is initiated, the tools may emit the NTLM hash of the scanning user, enabling an attacker to intercept traffic to a legitimate or fake server to extract the user ...
Memory Leak
vertx-core is vulnerable to a Memory Leak. The vulnerability is due to erroneous caching in the server name map for TCP servers configured with TLS and SNI support. This allows attackers to send TLS client hello messages with fake server names, triggering a JVM out-of-memory error...
Eclipse Vert.x Security Vulnerability
Eclipse Vert.x is an Eclipse Foundation toolkit for building responsive applications on the JVM. A security vulnerability exists in Eclipse Vert.x versions prior to 4.4.8, which stems from the presence of a memory leak that allows an attacker to trigger an out-of-memory error in the JVM by sendin...
CVE-2024-1300
A vulnerability in the Eclipse Vert.x toolkit causes a memory leak in TCP servers configured with TLS and SNI support. When processing an unknown SNI server name assigned the default certificate instead of a mapped certificate, the SSL context is erroneously cached in the server name map, leading...
Oracle Linux 8 : evolution (ELSA-2019-3699)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-3699 advisory. - Add patch related to evolution-ews CVE-2019-3890 RH bug 1696763 evolution-ews Tenable has extracted the preceding description block directly from the Oracle...
SUSE CVE-2019-3890
It was discovered evolution-ews before 3.31.3 does not check the validity of SSL certificates. An attacker could abuse this flaw to get confidential information by tricking the user into connecting to a fake server without the user noticing the difference...
PT-2021-23282 · Realvnc · Realvnc Viewer
Name of the Vulnerable Software and Affected Versions: RealVNC Viewer version 6.21.406 Description: The issue allows remote VNC servers to cause a denial of service, resulting in the application crashing via crafted RFB protocol data. It is noted that this issue requires social engineering to tri...
NewStart CGSL CORE 5.04 / MAIN 5.04 : evolution-data-server Vulnerability (NS-SA-2020-0075)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has evolution-data-server packages installed that are affected by a vulnerability: - It was discovered evolution-ews before 3.31.3 does not check the validity of SSL certificates. An attacker could abuse this flaw to get...
NewStart CGSL CORE 5.04 / MAIN 5.04 : evolution-ews Vulnerability (NS-SA-2020-0056)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has evolution-ews packages installed that are affected by a vulnerability: - It was discovered evolution-ews before 3.31.3 does not check the validity of SSL certificates. An attacker could abuse this flaw to get confidential...
NewStart CGSL CORE 5.05 / MAIN 5.05 : evolution-ews Vulnerability (NS-SA-2020-0086)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has evolution-ews packages installed that are affected by a vulnerability: - It was discovered evolution-ews before 3.31.3 does not check the validity of SSL certificates. An attacker could abuse this flaw to get confidential...
Amazon Linux 2 : evolution-data-server, evolution-ews (ALAS-2020-1475)
The version of evolution-data-server installed on the remote host is prior to 3.28.5-4. The version of evolution-ews installed on the remote host is prior to 3.28.5-5. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2020-1475 advisory. It was discovered evolution-ews befo...