Lucene search
K

395 matches found

RedHat Linux
RedHat Linux
added 2014/07/22 5:59 p.m.4 views

nss: false start PR_Recv information disclosure security issue

A flaw was found in the way TLS False Start was implemented in NSS. An attacker could use this flaw to potentially return unencrypted information from the server...

5.8CVSS6.6AI score0.01929EPSS
Exploits1References4
securityvulns
securityvulns
added 2014/06/14 12:0 a.m.19 views

Bilyoner apps insecure data transmission

Under some conditions data is sent unencrypted...

1.6AI score
Exploits0References1
The Hacker News
The Hacker News
added 2014/04/29 7:23 a.m.15 views

Skype leaves Sensitive User Data Unencrypted Locally On Computers

An application should always encrypt users' sensitive data, either it is local or stored on company servers, but still many popular services failed to provide fully secured solutions to their users. Cristian Dinu DrOptix and Dragoş Gaftoneanu, Romanian programmers at Hackyard Security Group, a...

5.9AI score
Exploits0
The Hacker News
The Hacker News
added 2014/04/23 3:43 a.m.11 views

Viber's Poor Data Security Practices Threaten Users' Privacy

Last week we reported a critical vulnerability in the world's most popular messaging application WhatsApp, that could expose users’ GPS location data to hackers and was discovered by the researchers at UNH Cyber Forensics Research & Education Group. Same Group of researchers reported new set of...

6.7AI score
Exploits0
ThreatPost
ThreatPost
added 2013/12/13 11:54 a.m.9 views

Safari Stores Previous Browsing Session Data Unencrypted

Users of Apple’s Safari browser are at risk for information loss because of a feature common to most browsers that restores previous sessions. The problem with Safari is that it stores session information including authentication credentials used in previous HTTPS sessions in a plaintext XML file...

6.8AI score
Exploits0References1
OpenVAS
OpenVAS
added 2012/09/25 12:0 a.m.22 views

Apple Remote Desktop Information Disclosure Vulnerability

Apple Remote Desktop is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS5.2AI score0.01711EPSS
Exploits1References4
ThreatPost
ThreatPost
added 2012/08/21 3:58 p.m.8 views

Apple Patches Remote Desktop Flaw

Apple has released a fix for a vulnerability in its Remote Desktop product that could result in sensitive data not being encrypted, even when users have the product configured to send all data in encrypted form. The vulnerability can lead to information leakage and Apple says the issue affects...

1.1AI score
Exploits0References2
ThreatPost
ThreatPost
added 2011/06/30 9:47 p.m.10 views

Veterans Affairs breaches

The Department of Veterans Affairs was hit on two separate occasions by breaches in 2006. 26.5 million Veterans and their families had their names, Social Security numbers and dates of birth lifted after a laptop was swiped from an employee’s home in May. The laptop was retrieved in August and tw...

1AI score
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2011/04/18 6:55 p.m.3 views

CVE-2011-1717

Skype for Android stores sensitive user data without encryption in sqlite3 databases that have weak permissions, which allows local applications to read user IDs, contacts, phone numbers, date of birth, instant message logs, and other private information...

2.1CVSS5.5AI score0.00292EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2009/12/03 12:0 a.m.40 views

SuSE 11 Security Update : pidgin (SAT Patch Number 1604)

This update of pidgin fixes the following issues : - Allowed to send confidential data unencrypted even if SSL was chosen by user. CVE-2009-3026: CVSS v2 Base Score: 5.0 - Remote denial of service in yahoo IM plug-in. CVE-2009-3025: CVSS v2 Base Score: 4.3 - Remote denial of service in MSN plug-i...

5CVSS5.4AI score0.02683EPSS
Exploits3References16
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/05/20 3:0 p.m.1 views

Hatena Toolbar sends URL information unecnrypted

Overview Hatena Toolbar improperly sends URL information to the Hatena server without being encrypted when a user views a web page secured by SSL. Impact When a user of Hatena Toolbar views a SSL secured web page, an attacker could obtain the information contained in the URL such as a session ID...

2.6CVSS6.6AI score
Exploits0References5
NVD
NVD
added 2006/11/08 10:7 p.m.16 views

CVE-2006-5806

SSL VPN Client in Cisco Secure Desktop before 3.1.1.45, when configured to spawn a web browser after a successful connection, stores sensitive browser session information in a directory outside of the CSD vault and does not restrict the user from saving files outside of the vault, which is not...

2.1CVSS5.8AI score0.00342EPSS
Exploits0References7
securityvulns
securityvulns
added 2004/08/04 12:0 a.m.23 views

Datakeys tokens/smart cards weak encryption

All data between computer and device are transmitted unencrypted...

3AI score
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 1999/08/30 12:0 a.m.26 views

NIS Server Detection

The remote host is an NIS Network Information Service server. NIS is used to share usernames, passwords, and other sensitive information among the hosts claiming to be within a given NIS domain and passes this information over the network unencrypted. C Tenable Network Security, Inc...

5.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 1999/08/22 12:0 a.m.230 views

Telnet Service Detection

The Telnet service is running. This service is dangerous in the sense that it is not ciphered - that is, everyone can sniff the data that passes between the telnet client and the telnet server. This includes logins and passwords. C Tenable Network Security, Inc. include"compat.inc"; ifdescription...

5.4AI score
Exploits0
Rows per page
Query Builder