3247 matches found
CVE-2025-6031
Amazon Cloud Cam is a home security camera that was deprecated on December 2, 2022, is end of life, and is no longer actively supported. When a user powers on the Amazon Cloud Cam, the device attempts to connect to a remote service infrastructure that has been deprecated due to end-of-life status...
CVE-2025-49194
The server supports authentication methods in which credentials are sent in plaintext over unencrypted channels. If an attacker were to intercept traffic between a client and this server, the credentials would be exposed...
CVE-2025-49183
All communication with the REST API is unencrypted HTTP, allowing an attacker to intercept traffic between an actor and the webserver. This leads to the possibility of information gathering and downloading media files...
CVE-2025-4227
An improper access control vulnerability in the Endpoint Traffic Policy Enforcement https://docs.paloaltonetworks.com/globalprotect/6-0/globalprotect-app-new-features/new-features-released-in-gp-app/endpoint-traffic-policy-enforcement feature of the Palo Alto Networks GlobalProtect™ app allows...
CVE-2025-4227 GlobalProtect App: Interception in Endpoint Traffic Policy Enforcement
An improper access control vulnerability in the Endpoint Traffic Policy Enforcement https://docs.paloaltonetworks.com/globalprotect/6-0/globalprotect-app-new-features/new-features-released-in-gp-app/endpoint-traffic-policy-enforcement feature of the Palo Alto Networks GlobalProtect™ app allows...
CVE-2025-4227
CVE-2025-4227 affects Palo Alto Networks GlobalProtect App (Windows and macOS). The Endpoint Traffic Policy Enforcement feature is vulnerable to improper access control, allowing certain packets to remain unencrypted within the tunnel. A physical-access attacker could inject rogue devices to inte...
CVE-2025-4227 GlobalProtect App: Interception in Endpoint Traffic Policy Enforcement
An improper access control vulnerability in the Endpoint Traffic Policy Enforcement https://docs.paloaltonetworks.com/globalprotect/6-0/globalprotect-app-new-features/new-features-released-in-gp-app/endpoint-traffic-policy-enforcement feature of the Palo Alto Networks GlobalProtect™ app allows...
CVE-2025-6031
Amazon Cloud Cam is a home security camera that was deprecated on December 2, 2022, is end of life, and is no longer actively supported. When a user powers on the Amazon Cloud Cam, the device attempts to connect to a remote service infrastructure that has been deprecated due to end-of-life status...
CVE-2025-6031 Insecure device pairing in end of life Amazon Cloud Cam
Amazon Cloud Cam is a home security camera that was deprecated on December 2, 2022, is end of life, and is no longer actively supported. When a user powers on the Amazon Cloud Cam, the device attempts to connect to a remote service infrastructure that has been deprecated due to end-of-life status...
CVE-2025-6031
CVE-2025-6031 concerns the now-deprecated Amazon Cloud Cam. The vulnerability arises from the device’s default pairing state, which can allow an arbitrary user to bypass SSL pinning and associate the camera with any network, enabling interception and modification of network traffic. Affected prod...
CVE-2025-6031 Insecure device pairing in end of life Amazon Cloud Cam
Amazon Cloud Cam is a home security camera that was deprecated on December 2, 2022, is end of life, and is no longer actively supported. When a user powers on the Amazon Cloud Cam, the device attempts to connect to a remote service infrastructure that has been deprecated due to end-of-life status...
CVE-2025-49194
The server supports authentication methods in which credentials are sent in plaintext over unencrypted channels. If an attacker were to intercept traffic between a client and this server, the credentials would be exposed...
CVE-2025-49194 Unencrypted communication
The server supports authentication methods in which credentials are sent in plaintext over unencrypted channels. If an attacker were to intercept traffic between a client and this server, the credentials would be exposed...
CVE-2025-49194
CVE-2025-49194 affects SICK Field Analytics and SICK Media Server. A root cause is support for authentication methods that transmit credentials in cleartext over unencrypted channels, enabling potential credential disclosure if traffic is intercepted. Public documentation from multiple sources co...
CVE-2025-49183
All communication with the REST API is unencrypted HTTP, allowing an attacker to intercept traffic between an actor and the webserver. This leads to the possibility of information gathering and downloading media files...
CVE-2025-49183
CVE-2025-49183 affects SICK Field Analytics and SICK Media Server. Root cause: unencrypted REST API communications over HTTP allow an attacker to intercept traffic, enabling information gathering and potential media-file downloads. Impact is described as confidentiality concerns (information disc...
CVE-2025-49183 Unencrypted communication (HTTP)
All communication with the REST API is unencrypted HTTP, allowing an attacker to intercept traffic between an actor and the webserver. This leads to the possibility of information gathering and downloading media files...
PT-2025-25308
Name of the Vulnerable Software and Affected Versions The product name cannot be determined. Description The issue is related to unencrypted communication with the REST API, which uses HTTP. This allows an attacker to intercept traffic between the actor and the webserver, potentially leading to...
Amazon Cloud Cam 安全漏洞
Amazon Cloud Cam is an HD webcam from Amazon. A security vulnerability exists in Amazon Cloud Cam that stems from the device's default pairing state allowing bypassing SSL fixes, which could lead to network traffic interception and modification...
PT-2025-25352 · Amazon · Amazon Cloud Cam
Name of the Vulnerable Software and Affected Versions: Amazon Cloud Cam affected versions not specified Description: The issue concerns a home security camera that is no longer supported due to its end-of-life status. When powered on, the device attempts to connect to a deprecated remote service...