Lucene search
K

8 matches found

Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.14 views

PT-2026-43320

Name of the Vulnerable Software and Affected Versions Joomla affected versions not specified Description The password and username reset features generate plain http links even when https connections are used, provided the "Force SSL" flag is not explicitly enabled. This leads to a transport...

9.8CVSS5.8AI score0.0019EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.5 views

PT-2026-29623

IBM Maximo Application Suite 9.1, 9.0, 8.11, and 8.10 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to th...

4.3CVSS5.8AI score0.00118EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 6:13 a.m.3 views

SUSE CVE-2006-5867

fetchmail before 6.3.6-rc4 does not properly enforce TLS and may transmit cleartext passwords over unsecured links if certain circumstances occur, which allows remote attackers to obtain sensitive information via man-in-the-middle MITM attacks...

7.8CVSS6.7AI score0.04255EPSS
Exploits0References7
NVD
NVD
added 2021/07/26 12:15 p.m.25 views

CVE-2021-29769

IBM i2 Analyst's Notebook Premium IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie...

4.3CVSS0.00511EPSS
Exploits0References2
OSV
OSV
added 2021/02/03 4:15 p.m.5 views

CVE-2021-25756

In JetBrains IntelliJ IDEA before 2020.2, HTTP links were used for several remote repositories instead of HTTPS...

5.3CVSS6.1AI score0.01298EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2007/01/31 5:20 p.m.6 views

fetchmail not enforcing TLS for POP3 properly

fetchmail before 6.3.6-rc4 does not properly enforce TLS and may transmit cleartext passwords over unsecured links if certain circumstances occur, which allows remote attackers to obtain sensitive information via man-in-the-middle MITM attacks...

7.8CVSS5.8AI score0.04255EPSS
Exploits0References4
NVD
NVD
added 2006/12/31 5:0 a.m.14 views

CVE-2006-5867

fetchmail before 6.3.6-rc4 does not properly enforce TLS and may transmit cleartext passwords over unsecured links if certain circumstances occur, which allows remote attackers to obtain sensitive information via man-in-the-middle MITM attacks...

7.8CVSS6AI score0.04255EPSS
Exploits0References37
UbuntuCve
UbuntuCve
added 2006/12/31 5:0 a.m.30 views

CVE-2006-5867

fetchmail before 6.3.6-rc4 does not properly enforce TLS and may transmit cleartext passwords over unsecured links if certain circumstances occur, which allows remote attackers to obtain sensitive information via man-in-the-middle MITM attacks...

7.8CVSS5.9AI score0.04255EPSS
Exploits0References2
Rows per page
Query Builder