CVE-2023-31410

A remote unprivileged attacker can intercept the communication via e.g. Man-In-The-Middle, due to the absence of Transport Layer Security TLS in the SICK EventCam App. This lack of encryption in the communication channel can lead to the unauthorized disclosure of sensitive information. The attack...

CVE-2023-27396

FINS Factory Interface Network Service is a message communication protocol, which is designed to be used in closed FA Factory Automation networks, and is used in FA networks composed of OMRON products. Multiple OMRON products that implement FINS protocol contain following security issues --...

Design/Logic Flaw

FINS Factory Interface Network Service is a message communication protocol, which is designed to be used in closed FA Factory Automation networks, and is used in FA networks composed of OMRON products. Multiple OMRON products that implement FINS protocol contain following security issues --...

CVE-2023-27396

FINS Factory Interface Network Service is a message communication protocol, which is designed to be used in closed FA Factory Automation networks, and is used in FA networks composed of OMRON products. Multiple OMRON products that implement FINS protocol contain following security issues --...

CVE-2022-48469

There is a traffic hijacking vulnerability in Huawei routers. Successful exploitation of this vulnerability can cause packets to be hijacked by attackers...

Design/Logic Flaw

A cleartext transmission of sensitive information vulnerability CWE-319 in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.8, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.8 allows an authenticated attacker with readonly superadmin privileges to intercept traffic in...

PT-2023-3236 · Fortinet · Fortiproxy +1

Name of the Vulnerable Software and Affected Versions: FortiOS versions 7.0.0 through 7.0.8 FortiOS versions 7.2.0 through 7.2.4 FortiProxy versions 7.0.0 through 7.0.8 FortiProxy versions 7.2.0 through 7.2.1 Description: The issue is related to the cleartext transmission of sensitive information...

Privilege Escalation Vulnerability in Product Upgrade Module

Description Our product upgrade module contained a privilege escalation vulnerability that would allow an unauthorized user to upgrade to a product they were not authorized to. After an administrator had Product 1 can upgrde as Product2 , but not Product3, a user could use Burpsuite to intercept...

CVE-2023-33849

IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 could transmit sensitive information in query parameters that could be intercepted using man in the middle techniques. IBM X-Force ID: 257105...

Information disclosure

IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and 11.1 could transmit sensitive information in query parameters that could be intercepted using man in the middle techniques. IBM X-Force ID: 257105...

IBM CICS TX 安全漏洞

IBM CICS TX is a comprehensive, single transaction runtime package from International Business Machines IBM. A security vulnerability exists in CICS TX Standard version 11.1, CICS TX Advanced versions 10.1 and 11.1, and IBM TXSeries for Multiplatforms versions 8.1, 8.2, and 9.1, which stems from...

IBM Aspera Cargo and IBM Aspera Connect Information Disclosure Vulnerability

IBM Aspera is a set of fast file transfer and streaming solutions built on the IBM FASP protocol from International Business Machines IBM. An information disclosure vulnerability exists in IBM Aspera Cargo and IBM Aspera Connect, which can be exploited by attackers to cause unauthorized...

CVE-2023-27861

IBM Maximo Application Suite - Manage Component 8.8.0 and 8.9.0 transmits sensitive information in cleartext that could be intercepted by an attacker using man in the middle techniques. IBM X-Force ID: 249208...

CVE-2023-27861

IBM Maximo Application Suite - Manage Component 8.8.0 and 8.9.0 transmits sensitive information in cleartext that could be intercepted by an attacker using man in the middle techniques. IBM X-Force ID: 249208...

Information disclosure

IBM Maximo Application Suite - Manage Component 8.8.0 and 8.9.0 transmits sensitive information in cleartext that could be intercepted by an attacker using man in the middle techniques. IBM X-Force ID: 249208...

CVE-2023-22862

IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5 transmits authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval...

Authentication flaw

IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5 transmits authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval. IBM X-Force ID: 244107...

CVE-2023-22862 IBM Aspera information disclosure

IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5 transmits authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval...

CVE-2023-22862 IBM Aspera information disclosure

IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5 transmits authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval...

IBM Aspera 安全漏洞

IBM Aspera is a set of fast file transfer and streaming solutions built on the IBM FASP protocol from International Business Machines IBM. An information disclosure vulnerability exists in IBM Aspera Cargo and IBM Aspera Connect, which can be exploited by attackers to cause unauthorized...