CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2020-29657

Malware in sbrugna...

8.1CVSS7.9AI score0.00222EPSS

Exploits1References3

RedhatCVE•added 2025/05/22 4:52 p.m.•4 views

CVE-2020-8809

Gurux GXDLMS Director prior to 8.5.1905.1301 downloads updates to add-ins and OBIS code over an unencrypted HTTP connection. A man-in-the-middle attacker can prompt the user to download updates by modifying the contents of gurux.fi/obis/files.xml and gurux.fi/updates/updates.xml. Then, the attack...

8.1CVSS7.4AI score0.00678EPSS

Exploits2References1

OSV•added 2019/02/18 11:58 p.m.•13 views

GHSA-856X-CP3Q-47VG Insecure Default Configuration in airbrake

Affected versions of airbrake default to sending environment variables over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible for them to capture and read these environment variables, which may result in leaking sensitive information...

5.9CVSS5.5AI score0.003EPSS

Exploits0References4

OSV•added 2019/02/18 11:57 p.m.•10 views

GHSA-VVWP-3F54-XC39 Downloads Resources over HTTP in broccoli-closure

Affected versions of broccoli-closure insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on t...

9.3CVSS8.2AI score0.00735EPSS

Exploits0References3

OSV•added 2019/02/18 11:35 p.m.•12 views

GHSA-6PWF-WHC8-HJF6 Downloads Resources over HTTP in baryton-saxophone

Affected versions of baryton-saxophone insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on...

9.3CVSS8.1AI score0.00735EPSS

Exploits0References3

Node.js•added 2016/12/02 4:52 a.m.•35 views

Downloads Resources over HTTP

Overview Affected versions of windows-iedriver insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code...

9.3CVSS6.2AI score0.00735EPSS

Exploits0Affected Software1

Node.js•added 2016/12/02 4:36 a.m.•36 views

Downloads Resources over HTTP

Overview Affected versions of selenium-standalone-painful insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in...

9.3CVSS6.2AI score0.00735EPSS

Exploits0Affected Software1

Node.js•added 2016/12/02 4:31 a.m.•29 views

Downloads Resources over HTTP

Overview Affected versions of windows-seleniumjar-mirror insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in...

9.3CVSS5AI score0.00735EPSS

Exploits0Affected Software1

Node.js•added 2016/12/01 7:26 p.m.•23 views

Downloads Resources over HTTP

Overview Affected versions of ntfserver insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on...

9.3CVSS5.6AI score0.00735EPSS

Exploits0Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by