
7 matches found

Positive Technologies
added 2026/06/02 12:0 a.m., 9 views

PT-2026-45817

Name of the Vulnerable Software and Affected Versions: Graph Explorer versions prior to 3.0.1. Description: The proxy server falls back to HTTP when certificate files are missing. This behavior may allow remote threat actors to intercept requests intended for HTTPS and obtain sensitive information...

CVSS 8.2, AI score 5.5, EPSS 0.00101
Exploits 0, References 4
OSSF Malicious Packages
added 2026/05/20 10:51 a.m., 9 views

Malicious code in @spcsn/taro-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 10e2baba3a5166ecf1196146e1b2a8771836b25bd7f8d56979e3e277a3de9625 The package's postinstall script probes https://taro.jd.com/ and then invokes its own CLI to run npm install...

AI score 6.1
Exploits 0, References 1
NVD
added 2026/03/20 7:16 p.m., 5 views

CVE-2026-32309

Cryptomator encrypts data being stored on cloud infrastructure. Prior to version 1.19.1, the Hub-based unlock flow explicitly supports hub+http and consumes Hub endpoints from vault metadata without enforcing HTTPS. As a result, a vault configuration can drive OAuth and key-loading traffic over...

CVSS 8.7, EPSS 0.00204
Exploits 0, References 2
Cvelist
added 2025/12/16 6:16 a.m., 25 views

CVE-2025-62330 HCL DevOps Deploy is susceptible to a cleartext transmission of sensitive information

HCL DevOps Deploy is susceptible to a cleartext transmission of sensitive information because the HTTP port remains accessible and does not redirect to HTTPS as intended. As a result, an attacker with network access could intercept or modify user credentials and session-related data via passive...

CVSS 5.9, EPSS 0.00133
Exploits 0, References 1
RedhatCVE
added 2025/12/11 5:3 a.m., 10 views

CVE-2025-65827

The mobile application is configured to allow clear text traffic to all domains and communicates with an API server over HTTP. As a result, an adversary located "upstream" can intercept the traffic, inspect its contents, and modify the requests in transit. This may result in a total compromise o...

CVSS 9.1, AI score 7, EPSS 0.00227
Exploits 0, References 1
OSV
added 2023/01/18 7:15 p.m., 3 views

CVE-2023-22863

IBM Robotic Process Automation 20.12.0 through 21.0.2 defaults to HTTP in some RPA commands when the prefix is not explicitly specified in the URL. This could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 244109...

CVSS 5.9, AI score 6.2
Exploits 0, References 2
CNNVD
added 2022/10/26 12:0 a.m., 4 views

curl security vulnerability

curl is a tool used to transfer data from or to a server. There is a security vulnerability in curl that stems from the fact that HSTS checks can be bypassed to trick it into continuing to use HTTP...

CVSS 7.5, AI score 7.2, EPSS 0.01644
Exploits 0, References 22