Home
Bugtraq
Full List
Only Bugs
Only Tricks
Only Exploits
Only Dorks
Only CVE
Only CWE
Fake Notes
Ranking
CVEMAP
Full List
Show Vendors
Show Products
CWE Dictionary
Check CVE Id
Check CWE Id
Search
Bugtraq
CVEMAP
By author
CVE Id
CWE Id
By vendors
By products
RSS
Bugtraq
CVEMAP
CVE Products
Bugs
Exploits
Dorks
More
cIFrex
Facebook
Twitter
Donate
About
Submit
CWE
:
Topic
Date
Author
Med.
VeryFitPro 3.2.8 Insecure Transit
19.06.2021
Nick Decker
Med.
Real Estate 7 WordPress v2.9.4 Multiple Vulnerabilities
13.01.2020
m0ze
High
Across DR-810 ROM-0 - Backup File Disclosure
12.01.2019
SajjadBnz
Med.
MensaMax 4.3 Hardcoded Encryption Key Disclosure
02.10.2018
Stefan Pietsch
Med.
Trend Micro ServerProtect Disclosure / CSRF / XSS
26.05.2017
Multiple
Med.
QNAP QTS 4.2.x XSS / Command Injection / Transport Issues
18.02.2017
Harry Sintonen
Med.
Intel Driver Update Utility 2.2.0.5 Man-In-The-Middle
20.01.2016
Core
Med.
ElasticSearch Cloud-Azure Insecure Transit
20.09.2015
Pedro Andujar
CVEMAP Search Results
CVE
Details
Description
2023-10-09
CVE-2023-5461
Updating...
A vulnerability was found in Delta Electronics WPLSoft 2.51. It has been classified as problematic. Affected is an unknown function of the component Modbus Handler. The manipulation leads to cleartext transmission of sensitive information. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-241584. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
2023-09-27
CVE-2023-43124
Updating...
BIG-IP APM clients may send IP traffic outside of the VPN tunnel. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
CVE-2023-43125
Updating...
BIG-IP APM clients may send IP traffic outside of the VPN tunnel. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
2023-09-12
CVE-2023-40729
Updating...
A vulnerability has been identified in QMS Automotive (All versions < V12.39). The affected application lacks security control to prevent unencrypted communication without HTTPS. An attacker who managed to gain machine-in-the-middle position could manipulate, or steal confidential information.
2023-09-05
CVE-2023-34998
Updating...
An authentication bypass vulnerability exists in the OAS Engine functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to arbitrary authentication. An attacker can sniff network traffic to trigger this vulnerability.
2023-08-25
CVE-2023-25848
Updating...
ArcGIS Enterprise Server versions 11.0 and below have an information disclosure vulnerability where a remote, unauthorized attacker may submit a crafted query that may result in a low severity information disclosure issue. The information disclosed is limited to a single attribute in a database connection string. No business data is disclosed.
2023-07-19
CVE-2023-3763
Updating...
A vulnerability was found in Intergard SGS 8.7.0. It has been declared as problematic. This vulnerability affects unknown code of the component SQL Query Handler. The manipulation leads to cleartext transmission of sensitive information. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-234448. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2023-3761
Updating...
A vulnerability was found in Intergard SGS 8.7.0 and classified as problematic. Affected by this issue is some unknown functionality of the component Password Change Handler. The manipulation leads to cleartext transmission of sensitive information. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. VDB-234446 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
2023-06-12
CVE-2023-1899
Updating...
Atlas Copco Power Focus 6000 web server is not a secure connection by default, which could allow an attacker to gain sensitive information by monitoring network traffic between user and controller.
2023-05-22
CVE-2023-31193
Updating...
Snap One OvrC Pro versions prior to 7.3 use HTTP connections when downloading a program from their servers. Because they do not use HTTPS, OvrC Pro devices are susceptible to exploitation.
Copyright
2023
, cxsecurity.com
Back to Top
