PT-2026-42764

Name of the Vulnerable Software and Affected Versions Avantra versions prior to 25.3.0 Description An unprotected transport of credentials issue in syslink software AG Avantra on Linux and Windows enables sniffing attacks, where an attacker can intercept sensitive authentication data during...

CVE-2026-30796

Cleartext Transmission of Sensitive Information, Insufficiently Protected Credentials vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android Address book sync, Heartbeat sync loop modules allows Sniffing Attacks. The client places the preset...

CVE-2026-3100

The FTP Backup on the ADM will not properly strictly enforce TLS certificate verification while connecting to an FTP server using FTPES/FTPS. An improper validated TLS/SSL certificates allows a remote attacker can intercept network traffic to perform a Man-in-the-Middle MitM attack, which may...

CVE-2025-66601

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product does not specify MIME types. When an attacker performs a content sniffing attack, malicious scripts could be executed. The affected products and versions are as follows: FAST/TOOLS Packages: RVSVR...

CVE-2025-69271

Insufficiently Protected Credentials vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Sniffing Attacks.This issue affects DX NetOps Spectrum: 24.3.13 and earlier...

CVE-2025-69272 Spectrum password returned in clear

Cleartext Transmission of Sensitive Information vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Sniffing Attacks.This issue affects DX NetOps Spectrum: 21.2.1 and earlier...

Broadcom DX NetOps Spectrum 安全漏洞

Broadcom DX NetOps Spectrum is a network fault management and condition monitoring platform from Broadcom Corporation USA. A security vulnerability exists in Broadcom DX NetOps Spectrum version 21.2.1 and prior versions, which originates from the explicit transmission of sensitive information and...

CVE-2022-26077

A cleartext transmission of sensitive information vulnerability exists in the OAS Engine configuration communications functionality of Open Automation Software OAS Platform V16.00.0112. A targeted network sniffing attack can lead to a disclosure of sensitive information. An attacker can sniff...

EUVD-2023-24004

Malicious code in bioql PyPI...

CVE-2025-32876

An issue was discovered on COROS PACE 3 devices through 3.0808.0. The BLE implementation of the COROS smartwatch does not support LE Secure Connections and instead enforces BLE Legacy Pairing. In BLE Legacy Pairing, the Short-Term Key STK can be easily guessed. This requires knowledge of the...

CVE-2024-32946

A vulnerability in the LevelOne WBR-6012 router's firmware version R0.40e6 allows sensitive information to be transmitted in cleartext via Web and FTP services, exposing it to network sniffing attacks...

CVE-2024-32946

The vulnerability CVE-2024-32946 affects LevelOne WBR-6012 router firmware R0.40e6. Talos reports that Web and FTP administration traffic is transmitted in cleartext, exposing credentials and other sensitive data to network sniffing. Affected component: router firmware with HTTP/FTP services that...

CVE-2024-7755 HMS Networks EWON FLEXY 202 Insufficiently Protected Credentials

The EWON FLEXY 202 transmits credentials using a weak encoding method base64. An attacker who is present in the network can sniff the traffic and decode the credentials...

PT-2024-28263 · Horizon Business Services Inc. · Caterease

Name of the Vulnerable Software and Affected Versions: Horizon Business Services Inc. Caterease versions 16.0.1.1663 through 24.0.1.2405 Description: The issue allows a remote attacker to perform a Sniffing Network Traffic attack due to the cleartext transmission of sensitive information...

Session fixation

Incorrect Session Management and Credential Re-use in the Bluetooth LE stack of the Ultraloq UL3 2nd Gen Smart Lock Firmware 02.27.0012 allows an attacker to sniff the unlock code and unlock the device whilst within Bluetooth range...

SUSE CVE-2015-2808

The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic...

CVE-2022-2758 Update

Passwords are not adequately encrypted during the communication process between all versions of LS Industrial Systems LSIS Co. Ltd LS Electric XG5000 software prior to V4.0 and LS Electric PLCs: all versions of XGK-CPUU/H/A/S/E prior to V3.50, all versions of XGI-CPUU/UD/H/S/E prior to V3.20, all...

CVE-2022-30561

When an attacker uses a man-in-the-middle attack to sniff the request packets with success logging in, the attacker could log in to the device by replaying the user's login packet...

What is Eavesdropping Attack❓ Definition, Types and Prevention

Eavesdropping can be defined as the demonstration of quietly catching a discussion among arbitrary outsiders; albeit discourteous, what mischief might it actually do? All things considered, very little in case somebody is simply honestly paying attention to a discussion that intrigues them...

Crossmatch Digital Crossmatch Digital Persona U.are.U 4500 Fingerprint Reader Encryption Issue Vulnerability

Crossmatch Digital Persona U.are.U 4500 Fingerprint Reader is a fingerprint reader from Crossmatch USA. An encryption issue vulnerability exists in version v24 of the Digital Persona U.are.U 4500 Fingerprint Reader, which can be exploited by an attacker to decrypt an encrypted fingerprint image b...