91 matches found
PT-2026-49188
Quick.CMS deserializes user-controlled data received over plaintext HTTP without ensuring integrity or authenticity. This allows attackers to tamper with serialized payloads in transit and inject malicious objects. Because deserialization is performed without proper validation or class...
GX Group Earth 2022 ONT 安全漏洞
GX Group Earth 2022 ONT is an FTTH optical network terminal device developed by the Turkish company GX Group. There is a security vulnerability present in GX Group Earth 2022 ONT. This vulnerability stems from the web management interface transmitting user credentials via HTTP plaintext...
CVE-2026-8673
CVE-2026-8673 describes an unprotected transport of credentials in Avantra from syslink software AG on Linux and Windows, allowing sniffing of credentials. The affected line is Avantra before version 25.3.0. Documented impacts emphasize confidentiality and integrity risks, with CVSS v3.1 indicati...
Nexus Wallet Interface 安全漏洞
Nexus Wallet Interface is an open-source cryptocurrency wallet interface developed by Nexus. Version 3.2.0-beta.2 of Nexus Wallet Interface contains a security vulnerability, which stems from the transmission of sensitive information in plain text...
RustDesk Server PRO 安全漏洞
RustDesk Server PRO is a set of remote desktop server management scripts developed by RustDesk’s individual developers. Versions of RustDesk Server PRO prior to 1.7.5 contained security vulnerabilities, which stemmed from the transmission of sensitive information in plain text, potentially allowi...
PanCafe Pro 安全漏洞
PanCafe Pro is an internet cafe billing and management software developed by the Turkish company PanCafe. Versions of PanCafe Pro prior to version 3.3.2 up to 23092025 contained security vulnerabilities. These vulnerabilities were due to the transmission of sensitive information in plain text,...
EUVD-2020-26146
Malware in sbrugna...
EUVD-2018-3452
Malware in sbrugna...
CVE-2025-58584 Plain Text Transmission of Username and Password in the URL
In the HTTP request, the username and password are transferred directly in the URL as parameters. However, URLs can be stored in various systems such as server logs, browser histories or proxy servers. As a result, there is a high risk that this sensitive data will be disclosed unintentionally...
EUVD-2022-4430
Malicious code in bioql PyPI...
EUVD-2022-2776
Malicious code in bioql PyPI...
EUVD-2022-2625
Malicious code in bioql PyPI...
EUVD-2022-48728
Malicious code in bioql PyPI...
EUVD-2022-4693
Malicious code in bioql PyPI...
EUVD-2022-5832
Malicious code in bioql PyPI...
EUVD-2022-3705
Malicious code in bioql PyPI...
EUVD-2022-5429
Malicious code in bioql PyPI...
EUVD-2022-2369
Malicious code in bioql PyPI...
EUVD-2022-4482
Malicious code in bioql PyPI...
CVE-2025-0683
In its default configuration, Contec Health CMS8000 Patient Monitor transmits plain-text patient data to a hard-coded public IP address when a patient is hooked up to the monitor. This could lead to a leakage of confidential patient data to any device with that IP address or an attacker in a...