
24 matches found

Positive Technologies
added 2026/02/03 12:0 a.m. · 3 views

PT-2026-6192

Name of the Vulnerable Software and Affected Versions: Shenzhen Tenda AC7 firmware versions prior to V03.03.03.01 cn Description: The firmware for Shenzhen Tenda AC7 devices up to version V03.03.03.01 cn reveals account credentials in plain text within HTTP responses. This allows an attacker...

8.2 CVSS · 5.5 AI score · 0.00016 EPSS
Exploits 0 · References 5
EUVD
added 2025/10/07 12:30 a.m. · 1 views

EUVD-2017-14735

Malware in sbrugna...

7.5 CVSS · 7.6 AI score · 0.00333 EPSS
Exploits 1 · References 4
OSV
added 2025/04/15 4:16 p.m. · 0 views

CVE-2025-24948

In JotUrl 2.0, passwords are sent via HTTP GET-type requests, potentially exposing credentials to eavesdropping or insecure records...

6.5 CVSS · 5.8 AI score
Exploits 0 · References 1
Cvelist
added 2024/02/15 12:56 p.m. · 10 views

CVE-2023-39244

DELL ESI Enterprise Storage Integrator for SAP LAMA, version 10.0, contains an information disclosure vulnerability in EHAC component. A remote unauthenticated attacker could potentially exploit this vulnerability by eavesdropping the network traffic to gain admin level credentials...

7.3 CVSS · 7.4 AI score · 0.00578 EPSS
Exploits 0 · References 1
Positive Technologies
added 2024/01/17 12:0 a.m. · 1 views

PT-2024-14279 · Skyworth · Skyworth Router Cm5100

Name of the Vulnerable Software and Affected Versions: Skyworth Router CM5100 version 4.1.1.24 Description: This issue exists due to the transmission of authentication credentials in plaintext over the network. A remote attacker could exploit this by eavesdropping on the victim’s network traffic ...

7.5 CVSS · 7.5 AI score · 0.00041 EPSS
Exploits 0 · References 4
OSV
added 2022/05/13 1:49 a.m. · 27 views

GHSA-WR7R-VG3C-54R5 Missing Encryption of Sensitive Data in Apache Guacamole

Prior to 1.0.0, Apache Guacamole used a cookie for client-side storage of the user's session token. This cookie lacked the "secure" flag, which could allow an attacker eavesdropping on the network to intercept the user's session token if unencrypted HTTP requests are made to the same domain...

7.5 CVSS · 7.3 AI score · 0.00633 EPSS
Exploits 0 · References 3
Prion
added 2021/06/15 10:15 p.m. · 8 views

Information disclosure

TP-Link's TL-WPA4220 4.0.2 Build 20180308 Rel.37064 does not use SSL by default. An attacker on the local network can monitor traffic and capture the cookie and other sensitive information...

2.1 CVSS · 5.5 AI score · 0.00025 EPSS
Exploits 1 · References 1 · Affected Software 1
NVD
added 2021/02/11 6:15 p.m. · 8 views

CVE-2020-25493

Oclean Mobile Application 2.1.2 communicates with an external website using HTTP so it is possible to eavesdrop the network traffic. The content of HTTP payload is encrypted using XOR with a hardcoded key, which allows for the possibility to decode the traffic...

7.5 CVSS · 0.00158 EPSS
Exploits 1 · References 3
Prion
added 2021/02/11 6:15 p.m. · 15 views

Hardcoded credentials

Oclean Mobile Application 2.1.2 communicates with an external website using HTTP so it is possible to eavesdrop the network traffic. The content of HTTP payload is encrypted using XOR with a hardcoded key, which allows for the possibility to decode the traffic...

5 CVSS · 7.5 AI score · 0.00158 EPSS
Exploits 1 · References 3 · Affected Software 1
NVD
added 2020/06/29 2:15 p.m. · 13 views

CVE-2020-12048

Phoenix Hemodialysis Delivery System SW 3.36 and 3.40, The Phoenix Hemodialysis device does not support data-in-transit encryption e.g., TLS/SSL when transmitting treatment and prescription data on the network between the Phoenix system and the Exalis dialysis data management tool. An attacker wi...

7.5 CVSS · 0.00061 EPSS
Exploits 0 · References 1
The Hacker News
added 2020/03/27 9:22 p.m. · 1 views

Hackers Exploit Zero-Day Bugs in Draytek Devices to Target Enterprise Networks

Cybersecurity researchers with Qihoo 360's NetLab today unveiled details of two recently spotted zero-day cyberattack campaigns in the wild targeting enterprise-grade networking devices manufactured by Taiwan-based DrayTek. According to the report, at least two separate groups of hackers exploite...

10 CVSS · 7.7 AI score · 0.94318 EPSS
Exploits 7
Prion
added 2019/08/19 3:15 p.m. · 8 views

Design/Logic Flaw

Pivotal Apps Manager, included in Pivotal Application Service versions 2.3.x prior to 2.3.16, 2.4.x prior to 2.4.12, 2.5.x prior to 2.5.8, and 2.6.x prior to 2.6.3, makes a request to the /cloudapplication endpoint via Spring actuator, and subsequent requests via unsecured http. An adjacent...

4.8 CVSS · 5.5 AI score · 0.00046 EPSS
Exploits 0 · References 1 · Affected Software 1
Cvelist
added 2019/08/19 2:49 p.m. · 11 views

CVE-2019-11276 Apps Manager sends tokens to Spring apps via HTTP

Pivotal Apps Manager, included in Pivotal Application Service versions 2.3.x prior to 2.3.16, 2.4.x prior to 2.4.12, 2.5.x prior to 2.5.8, and 2.6.x prior to 2.6.3, makes a request to the /cloudapplication endpoint via Spring actuator, and subsequent requests via unsecured http. An adjacent...

5.4 CVSS · 5.6 AI score · 0.00046 EPSS
Exploits 0 · References 1
Cvelist
added 2019/05/06 5:42 p.m. · 28 views

CVE-2018-4069

An information disclosure vulnerability exists in the ACEManager authentication functionality of Sierra Wireless AirLink ES450 FW 4.9.3. The ACEManager authentication functionality is done in plaintext XML to the web server. An attacker can listen to network traffic upstream from the device to...

7.3 AI score · 0.00025 EPSS
Exploits 3 · References 4
Prion
added 2019/02/07 10:29 p.m. · 19 views

Code injection

Prior to 1.0.0, Apache Guacamole used a cookie for client-side storage of the user's session token. This cookie lacked the "secure" flag, which could allow an attacker eavesdropping on the network to intercept the user's session token if unencrypted HTTP requests are made to the same domain...

5 CVSS · 7.4 AI score · 0.00633 EPSS
Exploits 0 · References 2 · Affected Software 1
Debian CVE
added 2019/02/07 10:0 p.m. · 27 views

CVE-2018-1340

Removed by vendor...

7.5 CVSS · 7.5 AI score · 0.00633 EPSS
Exploits 0
Hacker One
added 2019/01/14 4:19 p.m. · 38 views

Eobot: Secure Pages Include Mixed Content Issue

Description: The page includes mixed content, that is, content accessed via HTTP instead of HTTPS. Steps: 1. Enter these two URLs: https://www.eobot.com/fee https://www.eobot.com/ad 2. Open the source code viewer. You will note a Mixed Content Error. http://bitcoin.sipa.be/speed-small-lin.png Fix: A page...

Exploits 0
ThreatPost
added 2018/10/08 12:7 a.m. · 343 views

PoC Attack Escalates MikroTik Router Bug to ‘As Bad As It Gets’

A new hacking technique used against vulnerable MikroTik routers gives attackers the ability to execute remote code on affected devices. The technique is yet another security blow against the MikroTik router family. Previous hacks have left the routers open to device failures, cryptojacking and...

9 CVSS · 1.3 AI score · 0.93645 EPSS
Exploits 27 · References 9
Veracode
added 2017/08/21 2:38 p.m. · 17 views

Padding Oracle Attack

simplesamlphp is vulnerable to padding oracle attacks. The library does not authenticate the ciphertext, allowing a malicious user listening in on the network to conduct a padding oracle attack to recover the identifier and try impersonating the user...

5.9 CVSS · 5.6 AI score · 0.0026 EPSS
Exploits 0 · References 1 · Affected Software 1
Prion
added 2017/07/10 8:29 p.m. · 14 views

Design/Logic Flaw

During a routine security analysis, it was found that one of the ports in Apache Impala incubating 2.7.0 to 2.8.0 sent data in plaintext even when the cluster was configured to use TLS. The port in question was used by the StatestoreSubscriber class which did not use the appropriate secure Thrift...

5 CVSS · 7.5 AI score · 0.00333 EPSS
Exploits 1 · References 2 · Affected Software 1