22 matches found
EUVD-2013-6589
Malware in sbrugna...
EUVD-2023-43720
Malicious code in bioql PyPI...
CVE-2025-53861
A flaw was found in Ansible. Sensitive cookies without security flags over non-encrypted channels can lead to Man-in-the-Middle (MitM) and Cross-site scripting (XSS) attacks allowing attackers to read transmitted data...
Do Not Enable the rsync Service
The rsync service can synchronize data between servers or between local drive partitions. However, information leakage risks exist because rsync uses non-encrypted transmission protocols. If the rsync service is enabled and data is transmitted between servers over the network, attackers can...
CVE-2021-45100
An unexpected, non-encrypted communication flaw was found in the Linux kernel's ksmbd Samba 3 protocol implementation subsystem in the way a user sets the SMB2_GLOBAL_CAP_ENCRYPTION flag using the SMB 3.1.1 protocol. If the SMB2_GLOBAL_CAP_ENCRYPTION flag is being used by a remote user during connection, then for...
Facebook Postpones Plans for E2E Encryption in Messenger, Instagram Until 2023
Meta, the parent company of Facebook, Instagram, and WhatsApp, disclosed that it doesn't intend to roll out default end-to-end encryption (E2EE) across all its messaging services until 2023, pushing its original plans by at least a year. "We're taking our time to get this right and we don't plan to...
CVE-2021-23386
Remote memory exposure vulnerability was found in nodejs dns-packet library. The buffers created with allocUnsafe are not always filled before forming the network packets and an attacker can use this vulnerability to potentially get access to internal application memory over non encrypted network...
Debian: Security Advisory (DLA-2247-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced source, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2247-1] thunderbird security update
Package : thunderbird Version : 1:68.9.0-1deb8u2 CVE ID : CVE-2020-12398 CVE-2020-12399 CVE-2020-12405 CVE-2020-12406 CVE-2020-12410 Multiple security issues have been found in Thunderbird which could result in the setup of a non-encrypted IMAP connection, denial of service or potentially the...
Debian: Security Advisory (DSA-4702-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced source, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-4702-1 : thunderbird - security update
Multiple security issues have been found in Thunderbird which could result in the setup of a non-encrypted IMAP connection, denial of service or potentially the execution of arbitrary code. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
[SECURITY] [DSA 4702-1] thunderbird security update
Debian Security Advisory DSA-4702-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 11, 2020 https://www.debian.org/security/faq -...
Information Disclosure
pidgin is vulnerable to information disclosure. It was discovered that, when connecting to certain, very old Jabber servers via XMPP, Pidgin may ignore the "Require SSL/TLS" setting. In these situations, a non-encrypted connection is established rather than the connection failing, causing the use...
PT-2019-6349 · 3S Smart · Codesys Control Rte V3 +12
Name of the Vulnerable Software and Affected Versions: 3S-Smart CODESYS V3 products versions containing the CmpUserMgr component CODESYS Control for BeagleBone versions containing the CmpUserMgr component CODESYS Control for emPC-A/iMX6 versions containing the CmpUserMgr component CODESYS Control...
Security Bulletin: TADDM - Security improvement: Tomcat default files and non-encrypted administrative interfaces available.
Summary TADDM security improvement deployed starting from TADDM 7.2.1.5 and in TADDM 7.2.2 related to availability of the default Tomcat administration interface. Vulnerability Details CVE-2013-3023 Description TADDM server prompts for credentials to access Tomcat Manager Application and Tomcat...
CVE-2017-15340
Huawei smartphones with software of TAG-AL00C92B168 have an information disclosure vulnerability. An attacker tricks the user into installing a crafted application; this application simulates a click action to back up data in a non-encrypted way using an Android assist function. Successful exploit could...
Cordova-Android MiTM Remote Code Execution (CVE-2017-3160)
Product Apache Cordova Vulnerable Version 6.1.1 and below Technical Details When adding an Android project for the first time: ‘cordova platform add Android’ Cordova requires Gradle build tool to be installed in the local development environment. If the developer had not pre-installed Gradle, the...
Cisco Prime LAN Management Solution Remote Command Execution (CVE-2012-6392)
A remote command execution vulnerability exists in Cisco Prime LAN Management Solution. The vulnerability is due to use of non encrypted connection with the server. A successful exploitation would allow the attacker to execute commands, and send files...
web-magik CMS SQL Injection Vulnerability
Exploit for php platform in category web applications. web-magik CMS SQL Injection Vulnerability. Vendor : http://web-magik.com/ prices : Not Yet:P Discovered by : cyberlog Site : Sekuritionline.net Channel :...
Snort <= 2.4.2 Back Orifice Parsing Remote Buffer Overflow Exploit
Exploit for linux platform in category remote exploits. Snort $Id: THCsnortbo.c,v 1.1 2005/10/24 11:38:59 thccvs Exp $ DETAILS The bug is in sppbo.c, BoGetDirection function static int BoGetDirectionPacket p, char pktdata uint3...