Lucene search
K

8 matches found

NVD
NVD
added 2026/06/30 10:16 a.m.13 views

CVE-2026-10763

PROMOD V is using insecure HTTP communication instead of HTTPS. The vulnerability is due to the lack of HTTPS support from 3rd party Digipede server...

7CVSS0.00347EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/14 4:6 p.m.37 views

CVE-2025-62311 HCL AION is affected by a vulnerability where backend service details may be transmitted over insecure HTTP channels.

HCL AION is affected by a vulnerability where backend service details may be transmitted over insecure HTTP channels. This may expose sensitive information to potential interception or unauthorized access during transmission under certain conditions...

4.3CVSS0.0008EPSS
Exploits0References1
OSV
OSV
added 2026/02/03 3:15 a.m.4 views

CVE-2026-24934

The DDNS function uses an insecure HTTP connection or fails to validate the SSL/TLS certificate when querying an external server for the device's WAN IP address. An unauthenticated remote attacker can perform a Man-in-the-Middle MitM attack to spoof the response, leading the device to update its...

3.7CVSS5.9AI score0.00156EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/09 12:0 a.m.6 views

PT-2026-2150

Name of the Vulnerable Software and Affected Versions Tenda 300Mbps Wireless Router F3 Tenda N300 Easy Setup Router Description The routers are susceptible to a flaw stemming from the use of login credentials as the session ID via the web-based administrative interface. A remote attacker could...

8.8CVSS6.3AI score0.00451EPSS
Exploits0References4
OSV
OSV
added 2025/05/09 12:42 p.m.6 views

OESA-2025-1469 cobbler security update

Cobbler is a network install server. Cobbler supports PXE, ISO virtualized installs, and re-installing existing Linux machines. The last two modes use a helper tool, 'koan', that integrates with cobbler. Cobbler's advanced features include importing distributions from DVDs and rsync mirrors,...

9.8CVSS7.1AI score0.88482EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/02/16 3:2 a.m.4 views

SUSE CVE-2023-23915

A cleartext transmission of sensitive information vulnerability exists in curl v7.88.0 that could cause HSTS functionality to behave incorrectly when multiple URLs are requested in parallel. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP...

7.4CVSS8.6AI score0.00861EPSS
Exploits0References61
OSV
OSV
added 2021/11/05 4:15 p.m.4 views

CVE-2021-42699

The affected product is vulnerable to cookie information being transmitted as cleartext over HTTP. An attacker can capture network traffic, obtain the user’s cookie and take over the account...

5.9CVSS5.8AI score0.0048EPSS
Exploits0References1
OSV
OSV
added 2019/06/07 8:29 p.m.6 views

CVE-2018-10690

An issue was discovered on Moxa AWK-3121 1.14 devices. The device by default allows HTTP traffic thus providing an insecure communication mechanism for a user connecting to the web server. This allows an attacker to sniff the traffic easily and allows an attacker to compromise sensitive data such...

8.1CVSS5.8AI score
Exploits0References3
Rows per page
Query Builder