48 matches found
Missing Encryption of Sensitive Data
Overview Affected versions of this package are vulnerable to Missing Encryption of Sensitive Data in the EncryptInterceptor's messageReceived method. An attacker can gain unauthorized access to sensitive data by bypassing EncryptInterceptor to intercept unencrypted communications. Note: This is d...
CVE-2024-43766
In multiple functions of btmblesec.cc, there is a possible unencrypted communication due to Invalid error handling. This could lead to remote proximal/adjacent information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2026-4790
Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.195037 disclose sensitive account credentials in cleartext within HTTP responses generated by the maintenance interface. Because the management interface is accessible over unencrypted HTTP by default, credentials may be expose...
CVE-2026-22535
CVE-2026-22535 concerns an attacker with network access and valid credentials who can write to the server topics that control MQTT communications due to unencrypted MQTT protocol. The issue is described across multiple feeds (Red Hat, NVD, CIRCL, CVE lists, EUVD/ENISA, CNNVD, etc.) as a vulnerabi...
CVE-2023-53881
ReyeeOS 1.204.1614 contains an unencrypted CWMP communication vulnerability that allows attackers to intercept and manipulate device communication through a man-in-the-middle attack. Attackers can create a fake CWMP server to inject and execute arbitrary commands on Ruijie Reyee Cloud devices by...
CVE-2023-53881 ReyeeOS 1.204.1614 Man-in-the-Middle Remote Code Execution via CWMP
ReyeeOS 1.204.1614 contains an unencrypted CWMP communication vulnerability that allows attackers to intercept and manipulate device communication through a man-in-the-middle attack. Attackers can create a fake CWMP server to inject and execute arbitrary commands on Ruijie Reyee Cloud devices by...
Ruijie ReyeeOS 安全漏洞
Ruijie ReyeeOS is an operating system from China's Ruijie Ruijie Corporation. A security vulnerability exists in Ruijie ReyeeOS version 1.204.1614, which originates from unencrypted CWMP communications and could lead to interception and manipulation of device communications...
EUVD-2017-17975
Malware in sbrugna...
EUVD-2021-22946
Malware in sbrugna...
EUVD-2019-8760
Malware in sbrugna...
EUVD-2017-5602
Malware in sbrugna...
EUVD-2018-17171
Malware in sbrugna...
EUVD-2025-19658
Malicious code in bioql PyPI...
CVE-2025-45080
YONO SBI: Banking & Lifestyle v1.23.36 was discovered to use unencrypted communicatons, possibly allowing attackers to execute a man-in-the-middle attack...
Endress+Hauser MEAC300-FNADE4 安全漏洞
The Endress+Hauser MEAC300-FNADE4 is a cost-effective emissions data management computer from Endress+Hauser Vietnam. A security vulnerability exists in the Endress+Hauser MEAC300-FNADE4, which stems from the fact that all communications are not encrypted, and can be exploited by an attacker to...
CVE-2025-45080
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...
PT-2025-27567
Name of the Vulnerable Software and Affected Versions: YONO SBI: Banking & Lifestyle version 1.23.36 Description: The issue is related to the use of unencrypted communications, which could potentially allow attackers to execute a man-in-the-middle attack. Recommendations: For YONO SBI: Banking &...
CVE-2025-45080
CVE-2025-45080 is linked to YONO SBI: Banking & Lifestyle v1.23.36, with the root cause described as use of unencrypted communications that could allow a man-in-the-middle attack. Multiple sources confirm the affected product and issue, noting the risk of intercepted data via MITM. The provided d...
CVE-2025-45080
...
CVE-2025-45080
...