Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000580)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000580 advisory. The IPv6 SCTP implementation in net/sctp/ipv6.c in the Linux kernel through 3.11.1 uses data structures and function calls that do not trigger an intended...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002392)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002392 advisory. The IPv6 SCTP implementation in net/sctp/ipv6.c in the Linux kernel through 3.11.1 uses data structures and function calls that do not trigger an intended...

CVE-2010-3318

IBM Records Manager RM 4.5.x before 4.5.1.1-IER-FP001 transmits passwords in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network...

CVE-2024-38891

An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly later versions, allows a remote attacker to perform a Sniffing Network Traffic attack due to the cleartext transmission of sensitive information...

SUSE CVE-2011-1000

jingle-factory.c in Telepathy Gabble 0.11 before 0.11.7, 0.10 before 0.10.5, and 0.8 before 0.8.15 allows remote attackers to sniff audio and video calls via a crafted google:jingleinfo stanza that specifies an alternate server for streamed media...

SUSE CVE-2014-9423

The svcauthgssacceptseccontext function in lib/rpc/svcauthgss.c in MIT Kerberos 5 aka krb5 1.11.x through 1.11.5, 1.12.x through 1.12.2, and 1.13.x before 1.13.1 transmits uninitialized interposer data to clients, which allows remote attackers to obtain sensitive information from process heap...

CVE-2020-9550

Rubetek SmartHome 2020 devices use unencrypted 433 MHz communication between controllers and beacons, allowing an attacker to sniff and spoof beacon requests remotely...

Design/Logic Flaw

Rubetek SmartHome 2020 devices use unencrypted 433 MHz communication between controllers and beacons, allowing an attacker to sniff and spoof beacon requests remotely...

NQ Contacts Backup&Restore Information Disclosure Vulnerability

NQ Contacts Backup&Restore application for Android is a set of data backup and recovery software based on Android platform. A security vulnerability exists in version 1.1 of the NQ Contacts Backup&Restore application for Android, which originates from the program's use of a DES encryption algorit...

Dahua DHI-HCVR7216A-S3 Information Disclosure Vulnerability

Dahua DHI-HCVR7216A-S3 is a network DVR product from China Dahua Dahua. A security vulnerability exists in the web interface of the NVR firmware version 3.210.0001.10, Camera firmware version 2.400.0000.28.R and SmartPSS software version 1.16.1 in the Dahua DHI-HCVR7216A-S3 device. A remote...

CVE-2017-6341

Dahua DHI-HCVR7216A-S3 devices with NVR Firmware 3.210.0001.10 2016-06-06, Camera Firmware 2.400.0000.28.R 2016-03-29, and SmartPSS Software 1.16.1 2017-01-19 send cleartext passwords in response to requests from the Web Page, Mobile Application, and Desktop Application interfaces, which allows...

IBM BigFix Remote Control Information Disclosure Vulnerability (CNVD-2016-11814)

IBM BigFix Remote Control is a set of remote control systems from IBM in the United States. A security vulnerability exists in IBM BigFix Remote Control 9.1.2 and earlier versions. A remote attacker could exploit the vulnerability by sniffing the network to obtain sensitive information...

CVE-2016-2953

IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 does not require SSL, which allows remote attackers to obtain sensitive cleartext information by sniffing the network...

IBM Tealeaf Customer Experience Information Disclosure Vulnerability (CNVD-2016-11558)

IBM Tealeaf Customer Experience is a SaaS Software-as-a-Service based analytics solution for web and mobile applications from IBM, USA. The solution helps clients improve the overall user experience by analyzing and understanding data, and supports the adoption of advanced user interfaces for ric...

CVE-2016-2509

The password-sync feature on Belden Hirschmann Classic Platform switches L2B before 05.3.07 and L2E, L2P, L3E, and L3P before 09.0.06 sets an SNMP community to the same string as the administrator password, which allows remote attackers to obtain sensitive information by sniffing the network...

CVE-2016-1489

Lenovo SHAREit before 3.2.0 for Windows and SHAREit before 3.5.48ww for Android transfer files in cleartext, which allows remote attackers to 1 obtain sensitive information by sniffing the network or 2 conduct man-in-the-middle MITM attacks via unspecified vectors...

CVE-2015-0987

Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices before 1.5 rely on cleartext password transmission, which allows remote attackers to obtain sensitive information by sniffing the network during a PLC unlock request...

Cisco Unified IP Phones 9900 Series Information Disclosure Vulnerability

Cisco Unified IP Phone 9900 is a 9900 series IP phone terminal equipment from Cisco USA. The device provides voice, video, and other features. A security vulnerability exists in the mobility extension of the Cisco Unified IP Phone 9900 Series. A remote attacker could exploit this vulnerability to...

DEBIAN-CVE-2013-6491

The python-qpid client common/rpc/implqpid.py in OpenStack Oslo before 2013.2 does not enforce SSL connections when qpidprotocol is set to ssl, which allows remote attackers to obtain sensitive information by sniffing the network...

CVE-2013-6491

The python-qpid client common/rpc/implqpid.py in OpenStack Oslo before 2013.2 does not enforce SSL connections when qpidprotocol is set to ssl, which allows remote attackers to obtain sensitive information by sniffing the network...