446 matches found
GHSA-WX63-35HW-2482 HTTP/HTTPS Traffic Interception Bypass in mad-proxy
A vulnerability in mad-proxy versions = 0.3 allows attackers to bypass HTTP/HTTPS traffic interception rules, potentially exposing sensitive traffic...
PT-2026-5735
Name of the Vulnerable Software and Affected Versions Notepad++ versions prior to 8.8.9 Description The Notepad++ WinGUp updater has a flaw in how it verifies the integrity of updates. This allows an attacker who can intercept or redirect update traffic to cause the updater to download and execut...
CVE-2024-32384
Kerlink gateways running KerOS prior to version 5.10 expose their web interface exclusively over HTTP, without HTTPS support. This lack of transport layer security allows a man-in-the-middle attacker to intercept and modify traffic between the client and the device...
CVE-2024-32384
Kerlink gateways running KerOS prior to version 5.10 expose their web interface exclusively over HTTP, without HTTPS support. This lack of transport layer security allows a man-in-the-middle attacker to intercept and modify traffic between the client and the device...
CVE-2025-63433
Xtooltech Xtool AnyScan Android Application 4.40.40 and prior uses a hardcoded cryptographic key and IV to decrypt update metadata. The key is stored as a static value within the application's code. An attacker with the ability to intercept network traffic can use this hardcoded key to decrypt,...
EUVD-2025-198966
Xtooltech Xtool AnyScan Android Application 4.40.40 and prior uses a hardcoded cryptographic key and IV to decrypt update metadata. The key is stored as a static value within the application's code. An attacker with the ability to intercept network traffic can use this hardcoded key to decrypt,...
CVE-2025-63433
Summary of CVE-2025-63433 : Xtooltech Xtool AnyScan Android Application 4.40.40 and earlier uses a hardcoded cryptographic key and IV stored statically in code to decrypt update metadata. This enables an attacker who can intercept network traffic to use the hardcoded key to decrypt, modify, and r...
PT-2025-47947
Xtooltech Xtool AnyScan Android Application 4.40.40 and prior uses a hardcoded cryptographic key and IV to decrypt update metadata. The key is stored as a static value within the application's code. An attacker with the ability to intercept network traffic can use this hardcoded key to decrypt,...
CVE-2025-11619
Improper certificate validation when connecting to gateways in Devolutions Server 2025.3.2 and earlier allows attackers in MitM position to intercept traffic...
EUVD-2025-34693
Improper certificate validation when connecting to gateways in Devolutions Server 2025.3.2 and earlier allows attackers in MitM position to intercept traffic...
EUVD-2020-24468
Malware in sbrugna...
EUVD-2016-3449
Malware in sbrugna...
EUVD-2020-7774
Malware in sbrugna...
EUVD-2017-12006
Malware in sbrugna...
EUVD-2020-30240
Malware in sbrugna...
EUVD-2020-18350
Malware in sbrugna...
EUVD-2020-28638
Malware in sbrugna...
EUVD-2007-2473
Malware in sbrugna...
EUVD-2019-16224
Malware in sbrugna...
EUVD-2020-6407
Malware in sbrugna...