395 matches found
The vulnerability of the “Tekon” SCADA system, related to the transmission of accounting data in unencrypted form, allows a perpetrator to carry out a MITM attack.
The vulnerability of the SCADA system “Tekon” is related to the transmission of accounting data in unencrypted form. Exploiting this vulnerability could allow a malicious actor to carry out a MITM attack...
CVE-2025-53656
Jenkins ReadyAPI Functional Testing Plugin 1.11 and earlier stores SLM License Access Keys, client secrets, and passwords unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file...
CVE-2025-53742
Jenkins Applitools Eyes Plugin 1.16.5 and earlier stores Applitools API keys unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...
CVE-2025-53678
Jenkins User1st uTester Plugin 1.1 and earlier stores the uTester JWT token unencrypted in its global configuration file on the Jenkins controller, where it can be viewed by users with access to the Jenkins controller file system...
CVE-2025-53662
Jenkins IFTTT Build Notifier Plugin 1.2 and earlier stores IFTTT Maker Channel Keys unencrypted in job config.xml files on the Jenkins controller, where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...
CVE-2025-53656
CVE-2025-53656 affects Jenkins ReadyAPI Functional Testing Plugin (versions 1.11 and earlier). The plugin stores SLM License Access Keys, client secrets, and passwords unencrypted in job config.xml files on the Jenkins controller, making these credentials viewable by users with Item/Extended Read...
PT-2025-28908 · Jenkins · Jenkins Readyapi Functional Testing Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins ReadyAPI Functional Testing Plugin versions 1.11 and earlier Description: The Jenkins ReadyAPI Functional Testing Plugin stores sensitive information, including SLM License Access Keys, client secrets, and passwords, in unencrypted...
The vulnerability of the microprogrammed Ethernet module software WISE-4010LAN, WISE-4050LAN, and WISE-4060LAN lies in the unencrypted storage of critical information, allowing attackers to gain unauthorized access to protected data.
The vulnerability of the microprogrammed Ethernet module software WISE-4010LAN, WISE-4050LAN, and WISE-4060LAN is related to the unencrypted storage of critical information. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected informati...
CVE-2025-32875
An issue was discovered in the COROS application through 3.8.12 for Android. Bluetooth pairing and bonding is neither initiated nor enforced by the application itself. Also, the watch does not enforce pairing and bonding. As a result, any data transmitted via BLE remains unencrypted, allowing...
The vulnerability of the microprogrammed software of the LB-LINK BL-W1210M router, related to the unencrypted storage of critical information, allows a intruder to gain unauthorized access to the protected information.
The vulnerability of the microprogrammed software of the LB-LINK BL-W1210M router lies in the unencrypted storage of critical information. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to the protected information...
CVE-2025-4229
An information disclosure vulnerability in the SD-WAN feature of Palo Alto Networks PAN-OS® software enables an unauthorized user to view unencrypted data sent from the firewall through the SD-WAN interface. This requires the user to be able to intercept packets sent from the firewall. Cloud NGFW...
CVE-2025-4229
An information disclosure vulnerability in the SD-WAN feature of Palo Alto Networks PAN-OS® software enables an unauthorized user to view unencrypted data sent from the firewall through the SD-WAN interface. This requires the user to be able to intercept packets sent from the firewall. Cloud NGFW...
CVE-2025-4229 PAN-OS: Traffic Information Disclosure Vulnerability
An information disclosure vulnerability in the SD-WAN feature of Palo Alto Networks PAN-OS® software enables an unauthorized user to view unencrypted data sent from the firewall through the SD-WAN interface. This requires the user to be able to intercept packets sent from the firewall. Cloud NGFW...
CVE-2025-4229 PAN-OS: Traffic Information Disclosure Vulnerability
An information disclosure vulnerability in the SD-WAN feature of Palo Alto Networks PAN-OS® software enables an unauthorized user to view unencrypted data sent from the firewall through the SD-WAN interface. This requires the user to be able to intercept packets sent from the firewall. Cloud NGFW...
CVE-2025-4229
CVE-2025-4229 : An information disclosure vulnerability in the PAN-OS SD-WAN feature allows an unauthenticated or unauthorized user to view unencrypted data sent from the firewall through the SD-WAN interface, requiring packet interception. Cloud NGFW and Prisma Access are not affected. The CVSS ...
Palo Alto Networks GlobalProtect app 安全漏洞
Palo Alto Networks GlobalProtect app is a network protection software from Palo Alto Networks, Inc. A security vulnerability exists in the Palo Alto Networks GlobalProtect app that stems from improper access control and could result in certain packets being unencrypted...
Palo Alto Networks PAN-OS 安全漏洞
Palo Alto Networks PAN-OS is an operating system developed by Palo Alto Networks, Inc. for its firewall appliances. A security vulnerability exists in Palo Alto Networks PAN-OS that stems from an SD-WAN feature information disclosure that could lead to viewing unencrypted data...
Palo Alto Networks PAN-OS 10.1.x < 10.1.14-h16 / 10.2.x < 10.2.16-h1 / 11.1.x < 11.1.10 / 11.2.x < 11.2.7 Vulnerability
The version of Palo Alto Networks PAN-OS running on the remote host is 10.1.x prior to 10.1.14-h16, 10.2.x prior to 10.2.16-h1, 11.1.x prior to 11.1.10, or 11.2.x prior to 11.2.7. It is, therefore, affected by a vulnerability. An information disclosure vulnerability in the SD-WAN feature of Palo...
PT-2025-25384 · Palo Alto Networks · Pan-Os
Name of the Vulnerable Software and Affected Versions: Palo Alto Networks PAN-OS affected versions not specified Description: An information disclosure issue in the SD-WAN feature of the software allows an unauthorized user to view unencrypted data sent from the firewall through the SD-WAN...
CVE-2025-5270 SNI was sometimes unencrypted
In certain cases, SNI could have been sent unencrypted even when encrypted DNS was enabled. This vulnerability was fixed in Firefox 139 and Thunderbird 139...