17 matches found
EUVD-2026-31424
STER uses unencrypted TCP traffic to transmit data over the network. It allows an attacker to conduct a Man-In-The-Middle attack and obtain sensitive data such as passwords, personal data, or authentication tokens. This issue was fixed in version 9.5...
CVE-2026-25608
CVE-2026-25608 (STER) : The vulnerability involves unencrypted TCP traffic used by STER to transmit data, enabling a Man-In-The-Middle attacker to obtain sensitive information such as passwords, personal data, or authentication tokens. The underlying risk is data confidentiality loss during netwo...
EUVD-2026-9041
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 transmit authentication credentials over unencrypted HTTP, allowing attackers to capture credentials. An attacker positioned to observe network traffic between a user and the device can intercept credentials and reuse them to gain...
EUVD-2018-8077
Malware in sbrugna...
EUVD-2025-22135
Malicious code in bioql PyPI...
CVE-2025-36062
IBM Cognos Analytics Mobile iOS 1.1.0 through 1.1.22 could be vulnerable to information exposure due to the use of unencrypted network traffic...
CVE-2025-36062
IBM Cognos Analytics Mobile iOS 1.1.0 through 1.1.22 could be vulnerable to information exposure due to the use of unencrypted network traffic...
CVE-2025-36062 IBM Cognos Analytics Mobile (iOS) information disclosure
IBM Cognos Analytics Mobile iOS 1.1.0 through 1.1.22 could be vulnerable to information exposure due to the use of unencrypted network traffic...
PT-2025-30323 · Ibm · Ibm Cognos Analytics Mobile
Name of the Vulnerable Software and Affected Versions: IBM Cognos Analytics Mobile iOS versions 1.1.0 through 1.1.22 Description: IBM Cognos Analytics Mobile iOS may expose information due to the use of unencrypted network traffic. Recommendations: IBM Cognos Analytics Mobile iOS versions prior t...
CVE-2014-9596
Panasonic Arbitrator Back-End Server BES MK 2.0 VPU before 9.3.1 build 4.08.003.0, when USB Wi-Fi or Direct LAN is enabled, and MK 3.0 VPU before 9.3.1 build 5.06.000.0, when Embedded Wi-Fi or Direct LAN is enabled, does not use encryption, which allows remote attackers to obtain sensitive...
CVE-2024-31206
dectalk-tts is a Node package to interact with the aeiou Dectalk web API. In [email protected], network requests to the third-party API are sent over HTTP, which is unencrypted. Unencrypted traffic can be easily intercepted and modified by attackers. Anyone who uses the package could be the victi...
TP-Link TL-PS310U Elevation of Privilege Vulnerability
The TP-Link TL-PS310U is a single USB 2.0 port MFP and storage server. An elevation of privilege vulnerability exists in versions prior to TP-Link TL-PS310U 2.079.000.t0210, which stems from the ability to discover administrative passwords by sniffing unencrypted UDP traffic, and can be exploited...
CVE-2018-16225
The QBee MultiSensor Camera through 4.16.4 accepts unencrypted network traffic from clients such as the QBee Cam application through 1.0.5 for Android and the Swisscom Home application up to 10.7.2 for Android, which results in an attacker being able to reuse cookies to bypass authentication and...
Authentication flaw
The QBee MultiSensor Camera through 4.16.4 accepts unencrypted network traffic from clients such as the QBee Cam application through 1.0.5 for Android and the Swisscom Home application up to 10.7.2 for Android, which results in an attacker being able to reuse cookies to bypass authentication and...
CVE-2018-16225
The QBee MultiSensor Camera through 4.16.4 accepts unencrypted network traffic from clients such as the QBee Cam application through 1.0.5 for Android and the Swisscom Home application up to 10.7.2 for Android, which results in an attacker being able to reuse cookies to bypass authentication and...
CVE-2018-16225
The CVE-2018-16225 entry concerns the QBee MultiSensor Camera (up to firmware 4.16.4). The issue arises from unencrypted network traffic from clients (e.g., QBee Cam app up to Android 1.0.5, Swisscom Home app up to Android 10.7.2), enabling an attacker to reuse cookies to bypass authentication an...
Sun SunPCi II VNC Software 2.3 - Password Disclosure
Sun SunPCi II VNC Software 2.3 - Password Disclosure // source: https://www.securityfocus.com/bid/5146/info The SunPCi II card is a co-processor for a number of Solaris based systems, and provides PC software compatibility, including the ability to run Microsoft Windows. Driver software is...