Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
transmission vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-5777
Weintek EasyBuilder Pro contains a vulnerability that, even when the private key is immediately deleted after the crash report transmission is finished, the private key is exposed to the public, which could result in obtaining remote control of the crash report server.
Weintek Easybuilder Pro
9.8
CVSSv3
CVE-2023-38545
This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 byte...
Haxx Libcurl
Fedoraproject Fedora 37
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Active Iq Unified Manager -
Microsoft Windows 10 22h2
Microsoft Windows 11 21h2
Microsoft Windows 11 22h2
Microsoft Windows 11 23h2
Microsoft Windows 10 1809
Microsoft Windows Server 2019
Microsoft Windows Server 2022
Microsoft Windows 10 21h2
9 Github repositories
2 Articles
9.8
CVSSv3
CVE-2023-5554
Lack of TLS certificate verification in log transmission of a financial module within LINE Client for iOS before 13.16.0.
Linecorp Line
9.8
CVSSv3
CVE-2023-29363
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 -
Microsoft Windows Server 2012 -
Microsoft Windows Server 2008 -
Microsoft Windows Server 2019 -
Microsoft Windows Server 2022 -
Microsoft Windows 10 21h2
Microsoft Windows 10 22h2
Microsoft Windows 11 21h2
Microsoft Windows 11 22h2
Microsoft Windows 10 1809
Microsoft Windows 10 1607
Microsoft Windows 10 1507
1 Article
9.8
CVSSv3
CVE-2022-46680
A CWE-319: Cleartext transmission of sensitive information vulnerability exists that could cause disclosure of sensitive information, denial of service, or modification of data if an attacker is able to intercept network traffic.
Schneider-electric Powerlogic Ion9000 Firmware
Schneider-electric Powerlogic Ion7400 Firmware
Schneider-electric Powerlogic Pm8000 Firmware
Schneider-electric Powerlogic Ion8650 Firmware -
Schneider-electric Powerlogic Ion8800 Firmware -
9.8
CVSSv3
CVE-2022-33321
Cleartext Transmission of Sensitive Information vulnerability due to the use of Basic Authentication for HTTP connections in Mitsubishi Electric consumer electronics products (PHOTOVOLTAIC COLOR MONITOR ECO-GUIDE, HEMS adapter, Wi-Fi Interface, Air Conditioning, Induction hob, Mi...
Mitsubishielectric Mac-557if-e Firmware
Mitsubishielectric Mac-557if-e1 Firmware
Mitsubishielectric Pac-wf010-e Firmware
Mitsubishielectric Mac-566ifb-e Firmware
Mitsubishielectric Mac-576if-e1 Firmware
Mitsubishielectric Mac-567ifb-e Firmware
Mitsubishielectric Mac-567ifb2-e Firmware
Mitsubishielectric Mac-558if-e Firmware
Mitsubishielectric Mac-558if-e1 Firmware
Mitsubishielectric Mac-559if-e Firmware
Mitsubishielectric Mac-559if-e1 Firmware
Mitsubishielectric Mac-568if-e Firmware
Mitsubishielectric Mac-568ifb-e Firmware
Mitsubishielectric Mac-568ifb2-e Firmware
Mitsubishielectric Mac-568ifb3-e Firmware
Mitsubishielectric Pac-whs01wf-e Firmware
Mitsubishielectric S-mac-702if-f Firmware
Mitsubishielectric S-mac-702if-z Firmware
Mitsubishielectric S-mac-702if-b Firmware
Mitsubishielectric S-mac-905if Firmware
Mitsubishielectric S-mac-906if Firmware
Mitsubishielectric Msz-ap60\\/71vgk-e1 Firmware
9.8
CVSSv3
CVE-2022-21167
All versions of package masuit.tools.core are vulnerable to Arbitrary Code Execution via the ReceiveVarData<T> function in the SocketClient.cs component. The socket client in the package can pass in the payload via the user-controllable input after it has been established, ...
Ldqk Masuit.tools
9.8
CVSSv3
CVE-2022-0749
This affects all versions of package SinGooCMS.Utility. The socket client in the package can pass in the payload via the user-controllable input after it has been established, because this socket client transmission does not have the appropriate restrictions or type bindings for ...
Singoo Singoocms.utility -
9.8
CVSSv3
CVE-2022-21798
The affected product is vulnerable due to cleartext transmission of credentials seen in the CIMPLICITY network, which can be easily spoofed and used to log in to make operational changes to the system.
Ge Cimplicity
9.8
CVSSv3
CVE-2022-0162
The vulnerability exists in TP-Link TL-WR841N V11 3.16.9 Build 160325 Rel.62500n wireless router due to transmission of authentication information in cleartextbase64 format. Successful exploitation of this vulnerability could allow a remote malicious user to intercept credentials...
Tp-link Tl-wr841n Firmware 3.16.9
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »