Lucene search
K

118 matches found

Vulnrichment
Vulnrichment
added 2025/10/30 9:22 p.m.5 views

CVE-2025-34271 Nagios Log Server < 2024R2.0.2 Cluster Manager Credential Requests Sent Over Plaintext

Nagios Log Server versions prior to 2024R2.0.2 contain a vulnerability in the cluster manager component when requesting sensitive credentials from peer nodes over an unencrypted channel even when SSL/TLS is enabled in the product configuration. As a result, an attacker positioned on the network...

8.7CVSS6.4AI score0.00678EPSS
Exploits0References3
OSV
OSV
added 2025/10/16 7:15 p.m.4 views

CVE-2025-11492

In the ConnectWise Automate Agent, communications could be configured to use HTTP instead of HTTPS. In such cases, an on-path threat actor with a man-in-the-middle network position could intercept, modify, or replay agent-server traffic. Additionally, the encryption method used to obfuscate some...

7.5CVSS5.8AI score0.00196EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2008-3047

Malware in sbrugna...

5CVSS6.4AI score0.01324EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-8736

Malware in sbrugna...

7.5CVSS7.5AI score0.00676EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2011-0426

Malware in sbrugna...

5CVSS6.4AI score0.01281EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2013-0540

Malware in sbrugna...

5CVSS6.4AI score0.01354EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-8031

Malware in sbrugna...

7.5CVSS7.8AI score0.00776EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2018-16943

Malware in sbrugna...

7.5CVSS8.6AI score0.01636EPSS
Exploits0References17
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-16635

Malware in sbrugna...

7.4CVSS7.5AI score0.00751EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2013-4576

Malware in sbrugna...

5CVSS6.4AI score0.01173EPSS
Exploits2References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-25968

Malicious code in bioql PyPI...

6.9CVSS6.6AI score0.00102EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-19849

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.00247EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-37263

Malicious code in bioql PyPI...

4.3CVSS4.9AI score0.00459EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-36214

Malicious code in bioql PyPI...

5.9CVSS6.6AI score0.00268EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/09/30 11:4 p.m.2 views

CVE-2025-24525 Keysight Ixia Vision Product Family Use of Hard-coded Cryptographic Key

Keysight Ixia Vision has an issue with hardcoded cryptographic material which may allow an attacker to intercept or decrypt payloads sent to the device via API calls or user authentication if the end user does not replace the TLS certificate that shipped with the device. Remediation is available ...

8.7CVSS6.7AI score0.00242EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/09/30 3:42 p.m.3 views

CVE-2025-11155

The credentials required to access the device's web server are sent in base64 within the HTTP headers. Since base64 is not considered a strong cipher, an attacker could intercept the web request handling the login and obtain the credentials...

6.8CVSS6.8AI score0.00179EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/29 3:14 p.m.1 views

CVE-2025-11155 WEAK ENCODING FOR PASSWORD IN DEVICE SERVER CONFIGURATION

The credentials required to access the device's web server are sent in base64 within the HTTP headers. Since base64 is not considered a strong cipher, an attacker could intercept the web request handling the login and obtain the credentials...

6.8CVSS6.5AI score0.00179EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/29 12:0 a.m.4 views

PT-2025-39833

Name of the Vulnerable Software and Affected Versions The product name cannot be determined. affected versions not specified Description The credentials needed to access the device’s web server are transmitted in base64 within the HTTP headers. Base64 encoding is not a secure cipher, allowing an...

6.8CVSS6.4AI score0.00179EPSS
Exploits0References5
F5 Networks
F5 Networks
added 2025/08/13 1:5 p.m.12 views

K000152049: F5 Access for Android vulnerability CVE-2025-54809

Security Advisory Description F5 Access for Android before version 3.1.2, which uses HTTPS, does not verify the remote endpoint identity. CVE-2025-54809 Impact An attacker with a network position that allows them to intercept network traffic may be able to read and/or modify data in transit. The...

8.8CVSS6.7AI score0.00251EPSS
Exploits0Affected Software1
Vulnrichment
Vulnrichment
added 2025/08/12 11:16 a.m.4 views

CVE-2024-41986

A vulnerability has been identified in SmartClient modules Opcenter QL Home SC All versions = V13.2 = V13.2 = V13.2 V2506. The affected application support insecure TLS 1.0 and 1.1 protocol. An attacker could achieve a man-in-the-middle attack and compromise confidentiality and integrity of data...

6.4CVSS6.9AI score0.00124EPSS
Exploits0References1
Rows per page
Query Builder