[SECURITY] Fedora 43 Update: dokuwiki-20250514b-3.fc43

DokuWiki is a standards compliant, simple to use Wiki, mainly aimed at creati ng documentation of any kind. It has a simple but powerful syntax which makes su re the data-files remain readable outside the Wiki and eases the creation of structured texts. All data is stored in plain text files no...

Tenda F3 安全漏洞

Tenda F3 is a wireless router produced by the Chinese company Tenda. The Tenda F3 V12.01.01.55multi version has a security vulnerability. This vulnerability stems from the configuration download function, which exposes sensitive information in plain text, and the lack of cache control instruction...

Saleor security vulnerabilities

Saleor is an open-source interface software developed by Saleor Commerce. Versions 3.2.0 to 3.20.109, 3.21.0-a.0 to 3.21.44, and 3.22.0-a.0 to 3.22.28 of Saleor contain security vulnerabilities. These vulnerabilities stem from insecure direct object references, which may allow unverified...

[SECURITY] Fedora 43 Update: dokuwiki-20250514b-1.fc43

DokuWiki is a standards compliant, simple to use Wiki, mainly aimed at creati ng documentation of any kind. It has a simple but powerful syntax which makes su re the data-files remain readable outside the Wiki and eases the creation of structured texts. All data is stored in plain text files no...

CVE-2025-10641

EfficientLab WorkExaminer Professional suffers unencrypted traffic across its monitoring stack. The CVE-2025-10641 description (confirmed across multiple sources) states that all communications between monitoring client, console, and server are transmitted in clear text, including unencrypted FTP...

EUVD-2025-1815

Malicious code in bioql PyPI...

Vulnerabilities fixed in Schneider Electric ASCO

Schneider Electric fixed vulnerabilities in ASCO Annunciator The vulnerabilities include a critical vulnerability that allows malicious firmware to be downloaded without integrity checks, which can lead to device inoperability. In addition, a vulnerability stems from allocating resources without...

Contec Health CMS8000 Patient Monitor 安全漏洞

Contec Health CMS8000 Patient Monitor is a vital signs patient monitor from Contec Japan. A security vulnerability exists in the Contec Health CMS8000 Patient Monitor that originates from allowing the transmission of plain text patient data to a hard-coded public IP address...

PT-2025-4002 · Contec Health · Contec Health Cms8000 Patient Monitor

Name of the Vulnerable Software and Affected Versions: Contec Health CMS8000 Patient Monitor version Description: The issue involves the transmission of plain-text patient data to a hard-coded public IP address when a patient is connected to the monitor. This could lead to a leakage of confidenti...

Security Bulletin: Vulnerabilities in IBM Java SDK affects IBM SAN Volume Controller and Storwize Family (CVE-2015-2613 CVE-2015-2601 CVE-2015-2625 CVE-2015-1931)

Summary There are vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 6 that is used by IBM SAN Volume Controller and Storwize Family. These issues were disclosed as part of the IBM Java SDK updates in July 2015. Vulnerability Details CVEID: CVE-2015-2613 DESCRIPTION: An...

CVE-2022-47512

Sensitive information was stored in plain text in a file that is accessible by a user with a local account in Hybrid Cloud Observability HCO/ SolarWinds Platform 2022.4. No other versions are affected...

Design/Logic Flaw

SAP BusinessObjects Business Intelligence Platform Open Document - versions 420, 430, allows an unauthenticated attacker to retrieve sensitive information plain text over the network. On successful exploitation, the attacker can view any data available for a business user and put load on the...

PT-2022-18480 · Hcl · Hcl Launch

Name of the Vulnerable Software and Affected Versions: HCL Launch affected versions not specified Description: The issue concerns the storage of certain data for recurring activities in a plain text format. Recommendations: At the moment, there is no information about a newer version that contain...

postgresql: server processes unencrypted bytes from man-in-the-middle

It was found that a PostgreSQL server could accept plain text data during the establishment of an SSL connection. When a user is requesting a certificate based authentication, an active Person in the Middle could use this flaw in order to inject arbitrary SQL commands...

postgresql: server processes unencrypted bytes from man-in-the-middle

It was found that a PostgreSQL server could accept plain text data during the establishment of an SSL connection. When a user is requesting a certificate based authentication, an active Person in the Middle could use this flaw in order to inject arbitrary SQL commands...

CVE-2019-3619

Information Disclosure vulnerability in the Agent Handler in McAfee ePolicy Orchestrator ePO 5.9.x and 5.10.0 prior to 5.10.0 update 4 allows remote unauthenticated attacker to view sensitive information in plain text via sniffing the traffic between the Agent Handler and the SQL server...

PT-2019-16874 · Ibm · Ibm Sterling B2B Integrator

Name of the Vulnerable Software and Affected Versions: IBM Sterling B2B Integrator versions 5.2.0.1 through 6.0.0.0 Standard Edition Description: The issue allows highly sensitive information to be transmitted in plain text. An attacker could obtain this information using man-in-the-middle...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect eDiscovery Analyzer (CVE-2015-2613, CVE-2015-2601, CVE-2015-2625, CVE-2015-1931)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is used by eDiscovery Analyzer. These issues were disclosed as part of the IBM Java SDK updates in July 2015. Vulnerability Details CVEID: CVE-2015-2613 DESCRIPTION: An unspecified vulnerability and Java SE...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM InfoSphere Information Server (CVE-2015-1931 CVE-2015-2601 CVE-2015-2613 CVE-2015-2625)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 6 and 7 that are used by IBM InfoSphere Information Server. These issues were disclosed as part of the IBM Java SDK updates in July 2015. Vulnerability Details CVEID: CVE-2015-1931 DESCRIPTION: IBM Java...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect WebSphere Cast Iron(CVE-2015-2613, CVE-2015-2601, CVE-2015-4749, CVE-2015-2625, CVE-2015-1931)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version JAVA 7 and JAVA 6 that is used by WebSphere Cast Iron. These issues were disclosed as part of the IBM Java SDK updates in July 2015. Vulnerability Details CVEID: CVE-2015-2613 DESCRIPTION: An unspecified...