Lucene search
K

395 matches found

BDU FSTEC
BDU FSTEC
added 2025/07/15 12:0 a.m.54 views

The vulnerability of the “Tekon” SCADA system, related to the transmission of accounting data in unencrypted form, allows a perpetrator to carry out a MITM attack.

The vulnerability of the SCADA system “Tekon” is related to the transmission of accounting data in unencrypted form. Exploiting this vulnerability could allow a malicious actor to carry out a MITM attack...

7.8CVSS5.5AI score
Exploits0References1Affected Software1
NVD
NVD
added 2025/07/09 4:15 p.m.5 views

CVE-2025-53656

Jenkins ReadyAPI Functional Testing Plugin 1.11 and earlier stores SLM License Access Keys, client secrets, and passwords unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file...

6.5CVSS0.00347EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/07/09 3:39 p.m.4 views

CVE-2025-53742

Jenkins Applitools Eyes Plugin 1.16.5 and earlier stores Applitools API keys unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

6.4AI score0.00197EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/09 3:39 p.m.4 views

CVE-2025-53678

Jenkins User1st uTester Plugin 1.1 and earlier stores the uTester JWT token unencrypted in its global configuration file on the Jenkins controller, where it can be viewed by users with access to the Jenkins controller file system...

7AI score0.00196EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/09 3:39 p.m.4 views

CVE-2025-53662

Jenkins IFTTT Build Notifier Plugin 1.2 and earlier stores IFTTT Maker Channel Keys unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

7AI score0.00281EPSS
Exploits0References1
CVE
CVE
added 2025/07/09 3:39 p.m.40 views

CVE-2025-53656

CVE-2025-53656 affects Jenkins ReadyAPI Functional Testing Plugin (versions 1.11 and earlier). The plugin stores SLM License Access Keys, client secrets, and passwords unencrypted in job config.xml files on the Jenkins controller, making these credentials viewable by users with Item/Extended Read...

6.5CVSS6.5AI score0.00347EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/07/09 12:0 a.m.8 views

PT-2025-28908 · Jenkins · Jenkins Readyapi Functional Testing Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins ReadyAPI Functional Testing Plugin versions 1.11 and earlier Description: The Jenkins ReadyAPI Functional Testing Plugin stores sensitive information, including SLM License Access Keys, client secrets, and passwords, in unencrypted...

6.8CVSS6AI score0.00347EPSS
Exploits0References10
BDU FSTEC
BDU FSTEC
added 2025/07/09 12:0 a.m.9 views

The vulnerability of the microprogrammed Ethernet module software WISE-4010LAN, WISE-4050LAN, and WISE-4060LAN lies in the unencrypted storage of critical information, allowing attackers to gain unauthorized access to protected data.

The vulnerability of the microprogrammed Ethernet module software WISE-4010LAN, WISE-4050LAN, and WISE-4060LAN is related to the unencrypted storage of critical information. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected informati...

3.1CVSS5.5AI score0.00112EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/06/23 8:41 a.m.7 views

CVE-2025-32875

An issue was discovered in the COROS application through 3.8.12 for Android. Bluetooth pairing and bonding is neither initiated nor enforced by the application itself. Also, the watch does not enforce pairing and bonding. As a result, any data transmitted via BLE remains unencrypted, allowing...

5.7CVSS7.1AI score0.00138EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/06/23 12:0 a.m.7 views

The vulnerability of the microprogrammed software of the LB-LINK BL-W1210M router, related to the unencrypted storage of critical information, allows a intruder to gain unauthorized access to the protected information.

The vulnerability of the microprogrammed software of the LB-LINK BL-W1210M router lies in the unencrypted storage of critical information. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to the protected information...

10CVSS5.5AI score0.00619EPSS
Exploits1References3Affected Software1
RedhatCVE
RedhatCVE
added 2025/06/15 6:23 a.m.8 views

CVE-2025-4229

An information disclosure vulnerability in the SD-WAN feature of Palo Alto Networks PAN-OS® software enables an unauthorized user to view unencrypted data sent from the firewall through the SD-WAN interface. This requires the user to be able to intercept packets sent from the firewall. Cloud NGFW...

6CVSS5.9AI score0.0041EPSS
Exploits0References1
NVD
NVD
added 2025/06/13 6:15 a.m.17 views

CVE-2025-4229

An information disclosure vulnerability in the SD-WAN feature of Palo Alto Networks PAN-OS® software enables an unauthorized user to view unencrypted data sent from the firewall through the SD-WAN interface. This requires the user to be able to intercept packets sent from the firewall. Cloud NGFW...

6CVSS0.0041EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/13 5:42 a.m.33 views

CVE-2025-4229 PAN-OS: Traffic Information Disclosure Vulnerability

An information disclosure vulnerability in the SD-WAN feature of Palo Alto Networks PAN-OS® software enables an unauthorized user to view unencrypted data sent from the firewall through the SD-WAN interface. This requires the user to be able to intercept packets sent from the firewall. Cloud NGFW...

6CVSS0.0041EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/13 5:42 a.m.5 views

CVE-2025-4229 PAN-OS: Traffic Information Disclosure Vulnerability

An information disclosure vulnerability in the SD-WAN feature of Palo Alto Networks PAN-OS® software enables an unauthorized user to view unencrypted data sent from the firewall through the SD-WAN interface. This requires the user to be able to intercept packets sent from the firewall. Cloud NGFW...

6CVSS5.9AI score0.0041EPSS
Exploits0References1
CVE
CVE
added 2025/06/13 5:42 a.m.57 views

CVE-2025-4229

CVE-2025-4229 : An information disclosure vulnerability in the PAN-OS SD-WAN feature allows an unauthenticated or unauthorized user to view unencrypted data sent from the firewall through the SD-WAN interface, requiring packet interception. Cloud NGFW and Prisma Access are not affected. The CVSS ...

6CVSS6.3AI score0.0041EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/06/13 12:0 a.m.3 views

Palo Alto Networks GlobalProtect app 安全漏洞

Palo Alto Networks GlobalProtect app is a network protection software from Palo Alto Networks, Inc. A security vulnerability exists in the Palo Alto Networks GlobalProtect app that stems from improper access control and could result in certain packets being unencrypted...

3.5CVSS6.5AI score0.00133EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/06/13 12:0 a.m.4 views

Palo Alto Networks PAN-OS 安全漏洞

Palo Alto Networks PAN-OS is an operating system developed by Palo Alto Networks, Inc. for its firewall appliances. A security vulnerability exists in Palo Alto Networks PAN-OS that stems from an SD-WAN feature information disclosure that could lead to viewing unencrypted data...

6CVSS5.9AI score0.0041EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/06/11 12:0 a.m.11 views

Palo Alto Networks PAN-OS 10.1.x < 10.1.14-h16 / 10.2.x < 10.2.16-h1 / 11.1.x < 11.1.10 / 11.2.x < 11.2.7 Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is 10.1.x prior to 10.1.14-h16, 10.2.x prior to 10.2.16-h1, 11.1.x prior to 11.1.10, or 11.2.x prior to 11.2.7. It is, therefore, affected by a vulnerability. An information disclosure vulnerability in the SD-WAN feature of Palo...

6CVSS5.6AI score0.0041EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/06/11 12:0 a.m.8 views

PT-2025-25384 · Palo Alto Networks · Pan-Os

Name of the Vulnerable Software and Affected Versions: Palo Alto Networks PAN-OS affected versions not specified Description: An information disclosure issue in the SD-WAN feature of the software allows an unauthorized user to view unencrypted data sent from the firewall through the SD-WAN...

7.8CVSS5.8AI score0.0041EPSS
Exploits0References7
Cvelist
Cvelist
added 2025/05/27 12:29 p.m.15 views

CVE-2025-5270 SNI was sometimes unencrypted

In certain cases, SNI could have been sent unencrypted even when encrypted DNS was enabled. This vulnerability was fixed in Firefox 139 and Thunderbird 139...

0.00241EPSS
Exploits0References3
Rows per page
Query Builder