7 matches found
CVE-2025-13926
An attacker could use data obtained by sniffing the network traffic to forge packets in order to make arbitrary requests to Contemporary Controls BASC 20T...
CVE-2025-13926 Contemporary Controls BASC 20T Reliance on Untrusted Inputs in a Security Decision
An attacker could use data obtained by sniffing the network traffic to forge packets in order to make arbitrary requests to Contemporary Controls BASC 20T...
CVE-2025-32056
The anti-theft protection mechanism can be bypassed by attackers due to weak response generation algorithms for the head unit. It is possible to reveal all 32 corresponding responses by sniffing CAN traffic or by pre-calculating the values, which allow to bypass the protection. First identified o...
Tenda AC6 V5.0 Tenda App Router Authentication cleartext transmission vulnerability
Talos Vulnerability Report TALOS-2025-2178 Tenda AC6 V5.0 Tenda App Router Authentication cleartext transmission vulnerability August 20, 2025 CVE Number CVE-2025-31143 SUMMARY A cleartext transmission vulnerability exists in the Tenda App Router Authentication functionality of Tenda AC6 V5.0...
EBICS Java Client 安全漏洞
EBICS Java Client is a Java open source EBICS client. It is used to interact with banks using EBICS Electronic Banking Internet Communications Standard. A security vulnerability exists in EBICS Java Client versions prior to 1.2, which stems from a problem with the cryptographic implementation of...
SSL/TLS: "Invariance Weakness" vulnerability in RC4 stream cipher
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic...
Design/Logic Flaw
Sun Ray Server Software 4.0 and 4.1 does not generate a unique DSA private key for the firmware on each Sun Ray 1, 1g, 100, and 150 DTU device, which makes it easier for remote attackers to obtain sensitive information by predicting a key and then using it to decrypt sniffed network traffic...