CVE-2025-6026

An improper certificate validation vulnerability was reported in the Lenovo Universal Device Client UDC that could allow a user capable of intercepting network traffic to obtain application metadata, including device information, geolocation, and telemetry data...

Webmin 安全漏洞

Webmin is a set of Web-based system administration tools for use in Unix-like operating systems from the Webmin community. A security vulnerability exists in Webmin version 2.510, which stems from an unvalidated HTTP Host header in the password reset function, which could allow an attacker to...

CVE-2025-61541

Webmin 2.510 is vulnerable to a Host Header Injection in the password reset functionality forgotsend.cgi. The reset link sent to users is constructed using the HTTP Host header via getwebminemailurl. An attacker can manipulate the Host header to inject a malicious domain into the reset email. If ...

EUVD-2025-34693

Improper certificate validation when connecting to gateways in Devolutions Server 2025.3.2 and earlier allows attackers in MitM position to intercept traffic...

Inadequate Encryption Strength

Overview Affected versions of this package are vulnerable to Inadequate Encryption Strength via the SMTP process. An attacker can intercept sensitive information by performing a man-in-the-middle attack that prevents the use of TLS, causing data to be sent over an unencrypted connection...

CVE-2025-6026

An improper certificate validation vulnerability was reported in the Lenovo Universal Device Client UDC that could allow a user capable of intercepting network traffic to obtain application metadata, including device information, geolocation, and telemetry data...

EUVD-2025-34617

An improper certificate validation vulnerability was reported in the Lenovo Universal Device Client UDC that could allow a user capable of intercepting network traffic to obtain encrypted application metadata, including device information, geolocation, and telemetry data...

CVE-2025-41705

An unauthenticated remote attacker MITM can intercept the websocket messages to gain access to the login credentials for the Webfrontend...

CVE-2025-41705 Phoenix Contact: WebSocket Message Interception Leaks Webfrontend Credentials

An unauthenticated remote attacker MITM can intercept the websocket messages to gain access to the login credentials for the Webfrontend...

CVE-2025-41705 Phoenix Contact: WebSocket Message Interception Leaks Webfrontend Credentials

An unauthenticated remote attacker MITM can intercept the websocket messages to gain access to the login credentials for the Webfrontend...

Phoenix Contact QUINT4-UPS/24DC/24DC/10/EIP 安全漏洞

The Phoenix Contact QUINT4-UPS/24DC/24DC/10/EIP is an industrial grade DC uninterruptible power supply module from Phoenix Contact, Germany. A security vulnerability exists in the Phoenix Contact QUINT4-UPS/24DC/24DC/10/EIP that originates from an unauthenticated, remote attacker who can obtain...

CVE-2025-48981

An insecure implementation of the proprietary protocol DNET in Product CGM MEDICO allows attackers within the intranet to eavesdrop and manipulate data on the protocol because encryption is optional for this connection...

EUVD-2017-15824

Malware in sbrugna...

EUVD-2021-21224

Malware in sbrugna...

EUVD-2019-18022

Malware in sbrugna...

EUVD-2020-8133

Malware in sbrugna...

EUVD-2020-29431

Malware in sbrugna...

EUVD-2020-28247

Malware in sbrugna...

EUVD-2014-0935

Malware in sbrugna...

EUVD-2016-0386

Malware in sbrugna...