CVE-2026-25608

CVE-2026-25608 (STER) : The vulnerability involves unencrypted TCP traffic used by STER to transmit data, enabling a Man-In-The-Middle attacker to obtain sensitive information such as passwords, personal data, or authentication tokens. The underlying risk is data confidentiality loss during netwo...

EUVD-2026-31424

STER uses unencrypted TCP traffic to transmit data over the network. It allows an attacker to conduct a Man-In-The-Middle attack and obtain sensitive data such as passwords, personal data, or authentication tokens. This issue was fixed in version 9.5...

EUVD-2025-209663

HCL DFXAnalytics is affected by an Insufficient Transport Layer Protection vulnerability where data is transmitted over the network without encryption, which could allow an attacker to compromise the confidentiality, integrity, and authentication of sensitive information...

EUVD-2026-9041

SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 transmit authentication credentials over unencrypted HTTP, allowing attackers to capture credentials. An attacker positioned to observe network traffic between a user and the device can intercept credentials and reuse them to gain...

EUVD-2018-8077

Malware in sbrugna...

EUVD-2021-0923

Malware in sbrugna...

EUVD-2025-22135

Malicious code in bioql PyPI...

CVE-2025-36062

IBM Cognos Analytics Mobile iOS 1.1.0 through 1.1.22 could be vulnerable to information exposure due to the use of unencrypted network traffic...

CVE-2025-36062

IBM Cognos Analytics Mobile iOS 1.1.0 through 1.1.22 could be vulnerable to information exposure due to the use of unencrypted network traffic...

CVE-2025-36062 IBM Cognos Analytics Mobile (iOS) information disclosure

IBM Cognos Analytics Mobile iOS 1.1.0 through 1.1.22 could be vulnerable to information exposure due to the use of unencrypted network traffic...

PT-2025-30323 · Ibm · Ibm Cognos Analytics Mobile

Name of the Vulnerable Software and Affected Versions: IBM Cognos Analytics Mobile iOS versions 1.1.0 through 1.1.22 Description: IBM Cognos Analytics Mobile iOS may expose information due to the use of unencrypted network traffic. Recommendations: IBM Cognos Analytics Mobile iOS versions prior t...

CVE-2014-9596

Panasonic Arbitrator Back-End Server BES MK 2.0 VPU before 9.3.1 build 4.08.003.0, when USB Wi-Fi or Direct LAN is enabled, and MK 3.0 VPU before 9.3.1 build 5.06.000.0, when Embedded Wi-Fi or Direct LAN is enabled, does not use encryption, which allows remote attackers to obtain sensitive...

CVE-2024-31206

dectalk-tts is a Node package to interact with the aeiou Dectalk web API. In [email protected], network requests to the third-party API are sent over HTTP, which is unencrypted. Unencrypted traffic can be easily intercepted and modified by attackers. Anyone who uses the package could be the victi...

CVE-2024-35061

NASA AIT-Core v2.5.2 was discovered to use unencrypted channels to exchange data over the network, allowing attackers to execute a man-in-the-middle attack. When chained with CVE-2024-35059, the CVE in subject leads to an unauthenticated, fully remote code execution...

NASA AIT-Core 安全漏洞

NASA AIT-Core is a Python-based software suite organized by NASA. A security vulnerability exists in NASA AIT-Core version 2.5.2 that stems from the use of an unencrypted channel to exchange data over a network, which allows an attacker to perform a man-in-the-middle attack...

CVE-2024-31206

CVE-2024-31206 affects the Node package dectalk-tts . In 1.0.0, the module makes HTTP (unencrypted) requests to the aeiou Dectalk web API, creating a potential man-in-the-middle risk where traffic could be intercepted or modified. The network traffic was upgraded to HTTPS in version 1.0.1. The av...

CVE-2023-3272

Cleartext Transmission of Sensitive Information in the SICK ICR890-4 could allow a remote attacker to gather sensitive information by intercepting network traffic that is not encrypted...

Unspecified vulnerability in Mathias Buus dns-packet

dns-packet is a software application. An abstraction encodes a dependency model for encoding/decoding DNS packets. A security vulnerability exists in Mathias Buus dns-packet versions prior to 5.2.2, which can be exploited by an attacker to expose internal application memory over an unencrypted...

Memory Exposure

Overview This affects the package dns-packet before versions 1.3.2 and 5.2.2. It creates buffers with allocUnsafe and does not always fill them before forming network packets. This can expose internal application memory over unencrypted network when querying crafted invalid domain names...

GHSA-3WCQ-X3MQ-6R9P Potential memory exposure in dns-packet

This affects the package dns-packet before versions 1.3.2 and 5.2.2. It creates buffers with allocUnsafe and does not always fill them before forming network packets. This can expose internal application memory over unencrypted network when querying crafted invalid domain names...