17 matches found
EUVD-2020-27083
Malware in sbrugna...
EUVD-2018-17170
Malware in sbrugna...
EUVD-2024-25234
Malicious code in bioql PyPI...
TeleMessage 安全漏洞
TeleMessage is a secure and compliant messaging solution for organizations from TeleMessage Israel. A security vulnerability exists in TeleMessage version 2025-05-05 and earlier, which stems from storing plaintext messages in memory, which could lead to message disclosure...
CVE-2024-28067
A vulnerability in Samsung Exynos Modem 5300 allows a Man-in-the-Middle MITM attacker to downgrade the security mode of packets going to the victim, enabling the attacker to send messages to the victim in plaintext...
CVE-2025-47729
The TeleMessage archiving backend through 2025-05-05 holds cleartext copies of messages from TM SGNL aka Archive Signal app users, which is different functionality than described in the TeleMessage "End-to-End encryption from the mobile phone through to the corporate archive" documentation, as...
TeleMessage archiving backend 安全漏洞
TeleMessage archiving backend is an enterprise-grade communications archiving platform from Israel-based TeleMessage that supports compliant storage and auditing of SMS/voice/social media. A security vulnerability exists in TeleMessage archiving backend version 2025-05-05 and earlier, which stems...
CVE-2024-28067
A vulnerability in Samsung Exynos Modem 5300 allows a Man-in-the-Middle MITM attacker to downgrade the security mode of packets going to the victim, enabling the attacker to send messages to the victim in plaintext...
CVE-2024-28067
A vulnerability in Samsung Exynos Modem 5300 allows a Man-in-the-Middle MITM attacker to downgrade the security mode of packets going to the victim, enabling the attacker to send messages to the victim in plaintext...
CVE-2024-28067
CVE-2024-28067 concerns Samsung Exynos Modem 5300. The available documents describe a vulnerability where a Man-in-the-Middle attacker can downgrade the security mode of packets sent to the victim, enabling plaintext messaging. Affected software is specified as Samsung Exynos Modem 5300; the root...
SAMSUNG Exynos Modem 5300 Security Vulnerability
SAMSUNG Exynos Modem 5300 is a modem from Samsung South Korea. A security vulnerability exists in the SAMSUNG Exynos Modem 5300 that originates from allowing a man-in-the-middle attack, where an attacker is able to send a message to the victim in plain text...
PT-2024-23560 · Unknown · Ros2 Iron Irwini
Name of the Vulnerable Software and Affected Versions: ROS2 Iron Irwini versions 2 Description: An issue has been discovered where the system transmits messages in plaintext, exposing sensitive information and making it vulnerable to man-in-the-middle MitM attacks. This allows attackers to...
HTML Injection
matrix-react-sdk is vulnerable to HTML Injection. The vulnerability exists in the bodyToHtml function of HtmlUtils.tsx because it does not escape the plainBody parameter of the highlighter attribute, which allows an attacker to inject and execute malicious plaintext messages with HTML payloads...
FreeBSD : element-web -- matrix-react-sdk vulnerable to HTML injection in search results via plaintext message highlighting (c676bb1b-e3f8-11ed-b37b-901b0e9408dc)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the c676bb1b-e3f8-11ed-b37b-901b0e9408dc advisory. - matrix-react-sdk is a react-based SDK for inserting a Matrix chat/VoIP client into a web page. Prior ...
CVE-2014-2716
Ekahau B4 staff badge tag 5.7 with firmware 1.4.52, Real-Time Location System RTLS Controller 6.0.5-FINAL, and Activator 3 reuses the RC4 cipher stream, which makes it easier for remote attackers to obtain plaintext messages via an XOR operation on two ciphertexts...
CVE-2014-2716
Ekahau B4 staff badge tag 5.7 with firmware 1.4.52, Real-Time Location System RTLS Controller 6.0.5-FINAL, and Activator 3 reuses the RC4 cipher stream, which makes it easier for remote attackers to obtain plaintext messages via an XOR operation on two ciphertexts...
CVE-2014-2716
The CVE-2014-2716 entry concerns Ekahau Real-Time Location System components (B4 staff badge tag v5.7, firmware 1.4.52; RTLS Controller v6.0.5-FINAL; Activator 3) where RC4 cipher streams are reused across messages. Modzero’s advisory details two vulnerabilities: (1) RC4 stream reuse enabling an ...