191 matches found
CVE-2025-15065
CVE-2025-15065 affects Kings Information & Network Co. KESS Enterprise on Windows, with vulnerability in versions prior to 25.9.19.Exe. The issue involves exposure of sensitive information, missing encryption of sensitive data, and files/directories accessible to external parties, enabling local ...
EUVD-2025-205537
Exposure of Sensitive Information to an Unauthorized Actor, Missing Encryption of Sensitive Data, Files or Directories Accessible to External Parties vulnerability in Kings Information & Network Co. KESS Enterprise on Windows allows Privilege Escalation, Modify Existing Service, Modify Shared...
CVE-2025-15065 Data Exposure in Kings Information & Network KESS Enterprise
Exposure of Sensitive Information to an Unauthorized Actor, Missing Encryption of Sensitive Data, Files or Directories Accessible to External Parties vulnerability in Kings Information & Network Co. KESS Enterprise on Windows allows Privilege Escalation, Modify Existing Service, Modify Shared...
CVE-2025-15065 Data Exposure in Kings Information & Network KESS Enterprise
Exposure of Sensitive Information to an Unauthorized Actor, Missing Encryption of Sensitive Data, Files or Directories Accessible to External Parties vulnerability in Kings Information & Network Co. KESS Enterprise on Windows allows Privilege Escalation, Modify Existing Service, Modify Shared...
PT-2025-53675
Name of the Vulnerable Software and Affected Versions Kings Information & Network Co. KESS Enterprise versions prior to 25.9.19.Exe Description A security issue exists in Kings Information & Network Co. KESS Enterprise on Windows that could allow an unauthorized actor to access sensitive...
PT-2025-51100
Encryption is missing on the configuration interface for Growatt ShineLan-X and MIC 3300TL-X. This allows an attacker with access to the network to intercept and potentially manipulate communication requests between the inverter and its cloud endpoint...
CVE-2025-13053 A missing encryption of sensitive data vulnerability was found in the UPS settings of ADM
When a user configures the NAS to retrieve UPS status or control the UPS, a non-enforced TLS certificate verification can allow an attacker able to intercept network traffic between the client and server can perform a man-in-the-middle MITM attack, which may obtain the sensitive information of th...
Siemens SIMATIC S7-1500 Missing Encryption of Sensitive Data (CVE-2019-19959)
ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames, leading to a memory-management error that can be detected by for example valgrind. This plugin only works with Tenable.ot. Please visit...
Siemens SIMATIC S7-1500 Missing Encryption of Sensitive Data (CVE-2021-43396)
DISPUTED In iconvdata/iso-2022-jp-3.c in the GNU C Library aka glibc 2.34, remote attackers can force iconv to emit a spurious '\0' character via crafted ISO-2022-JP-3 data that is accompanied by an internal state reset. This may affect data integrity in certain iconv use cases. NOTE: the vendor...
Siemens SIMATIC S7-1500 Missing Encryption of Sensitive Data (CVE-2019-13565)
An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simple bind for any identity covered in those ACLs...
Siemens SIMATIC S7-1500 Missing Encryption of Sensitive Data (CVE-2019-7309)
In the GNU C Library aka glibc or libc6 through 2.29, the memcmp function for the x32 architecture can incorrectly return zero indicating that the inputs are equal because the RDX most significant bit is mishandled. This plugin only works with Tenable.ot. Please visit...
Siemens SIMATIC S7-1500 Missing Encryption of Sensitive Data (CVE-2023-26604)
systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the systemctl status command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less...
Siemens SIMATIC S7-1500 Missing Encryption of Sensitive Data (CVE-2023-46219)
When saving HSTS data to an excessively long file name, curl could end up removing all contents, making subsequent requests using that file unaware of the HSTS status they should otherwise use. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for mo...
Siemens SIMATIC S7-1500 Missing Encryption of Sensitive Data (CVE-2022-46908)
SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE. This plugin only works with Tenable.ot. Please visit...
Siemens SIMATIC S7-1500 Missing Encryption of Sensitive Data (CVE-2023-28531)
ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...
Siemens SIMATIC S7-1500 Missing Encryption of Sensitive Data (CVE-2020-36226)
A flaw was discovered in OpenLDAP before 2.4.57 leading to a memch-bvlen miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEV...
Siemens SIMATIC S7-1500 Missing Encryption of Sensitive Data (CVE-2023-34969)
D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus- daemon. If a privileged user with control over the dbus-daemon is using the org.freedesktop.DBus.Monitoring interface to monitor message bus traffic, then an unprivileged user with the ability to connect to the same dbus-daemo...
EUVD-2019-19218
Malware in sbrugna...
EUVD-2020-20701
Malware in sbrugna...
EUVD-2020-28692
Malware in sbrugna...