17 matches found
EUVD-2020-5444
Malware in sbrugna...
EUVD-2025-19871
Malicious code in bioql PyPI...
EUVD-2025-13275
Malicious code in bioql PyPI...
EUVD-2024-0073
Malicious code in bioql PyPI...
CVE-2025-27457
All communication between the VNC server and clients is unencrypted. This allows an attacker to intercept the traffic and obtain sensitive data...
CVE-2025-27457
CVE-2025-27457 concerns unencrypted communications between the VNC server and client(s) as stated in the NVD entry. Connected documents describe the same issue in the Endress+Hauser MEAC300-FNADE4 (CNVD/CNNVD/PT security pages), indicating traffic interception could reveal sensitive data. The pri...
CVE-2025-36034
IBM InfoSphere DataStage Flow Designer in IBM InfoSphere Information Server 11.7 discloses sensitive user information in API requests in clear text that could be intercepted using man in the middle techniques...
CVE-2024-47870
Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves a race condition in the updaterootinconfig function, allowing an attacker to modify the root URL used by the Gradio frontend to communicate with the backend. By exploiting this flaw, an attacker ca...
CVE-2025-32886
An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. All packets sent over RF are also sent over UART with USB Shell, allowing someone with local access to gain information about the protocol and intercept sensitive data...
CVE-2025-32886
An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. All packets sent over RF are also sent over UART with USB Shell, allowing someone with local access to gain information about the protocol and intercept sensitive data...
CVE-2025-32886
The CVE-2025-32886 issue affects goTenna v1 devices (app 5.5.3, firmware 0.25.5). The underlying problem is that packets sent over RF are also transmitted via UART through USB Shell, enabling a user with local access to learn the protocol and intercept sensitive data. The impact is information di...
PYSEC-2024-218
Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves a race condition in the updaterootinconfig function, allowing an attacker to modify the root URL used by the Gradio frontend to communicate with the backend. By exploiting this flaw, an attacker ca...
GHSA-XH2X-3MRM-FWQM Gradio has a race condition in update_root_in_config may redirect user traffic
Impact What kind of vulnerability is it? Who is impacted? This vulnerability involves a race condition in the updaterootinconfig function, allowing an attacker to modify the root URL used by the Gradio frontend to communicate with the backend. By exploiting this flaw, an attacker can redirect use...
Gradio has a race condition in update_root_in_config may redirect user traffic
Impact What kind of vulnerability is it? Who is impacted? This vulnerability involves a race condition in the updaterootinconfig function, allowing an attacker to modify the root URL used by the Gradio frontend to communicate with the backend. By exploiting this flaw, an attacker can redirect use...
CVE-2024-40714
CVE-2024-40714 is an improper TLS certificate validation vulnerability in Veeam Backup & Replication 12.x (affected versions before 12.2.0.334). An attacker on the same network could intercept credentials during restore operations. Remediation per Veeam KB4649: upgrade to 12.2.0.334 (or later). C...
Oracle9iAS Web Cache vulnerable to buffer overflow
Overview A remotely exploitable buffer overflow in the Oracle9iAS Web Cache allows intruders to execute arbitrary code or cause the web cache process to hang or exit. Description Defcom Labs has discovered a remotely exploitable buffer overflow vulnerability in the Oracle9iAS Web Cache on all...
CVE-2024-36788
Netgear WNR614 JNR1010V2 N300-V1.1.0.541.0.1 does not properly set the HTTPOnly flag for cookies. This allows attackers to possibly intercept and access sensitive communications between the router and connected devices...