Vulnerabilities (CVE)

Filtered by CWE-319 (Cleartext Transmission of Sensitive Information)
Total 827 CVE
CVE | Vendors (count, names) | Products (count, names) | Updated | CVSS v2 | CVSS v3
CVE-2023-23915 3 Haxx, Netapp, Splunk 12 Curl, Active Iq Unified Manager, Clustered Data Ontap and 9 more 2026-02-13 N/A 6.5 MEDIUM
A cleartext transmission of sensitive information vulnerability exists in curl <v7.88.0 that could cause HSTS functionality to behave incorrectly when multiple URLs are requested in parallel. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. This HSTS mechanism would however surprisingly fail when multiple transfers are done in parallel, as the HSTS cache file gets overwritten by the most recently completed transfer. A later HTTP-only transfer to the earlier host name would then *not* get upgraded properly to HTTPS.
CVE-2022-43551 4 Fedoraproject, Haxx, Netapp and 1 more 7 Fedora, Curl, Active Iq Unified Manager and 4 more 2026-02-13 N/A 7.5 HIGH
A vulnerability exists in curl <7.87.0 HSTS check that could be bypassed to trick it to keep using HTTP. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. However, the HSTS mechanism could be bypassed if the host name in the given URL first uses IDN characters that get replaced to ASCII counterparts as part of the IDN conversion. Like using the character UTF-8 U+3002 (IDEOGRAPHIC FULL STOP) instead of the common ASCII full stop (U+002E) `.`. Then in a subsequent request, it does not detect the HSTS state and makes a clear text transfer. Because it would store the info IDN encoded but look for it IDN decoded.
CVE-2022-42916 4 Apple, Fedoraproject, Haxx and 1 more 4 Macos, Fedora, Curl and 1 more 2026-02-13 N/A 7.5 HIGH
In curl before 7.86.0, the HSTS check could be bypassed to trick it into staying with HTTP. Using its HSTS support, curl can be instructed to use HTTPS directly (instead of using an insecure cleartext HTTP step) even when HTTP is provided in the URL. This mechanism could be bypassed if the host name in the given URL uses IDN characters that get replaced with ASCII counterparts as part of the IDN conversion, e.g., using the character UTF-8 U+3002 (IDEOGRAPHIC FULL STOP) instead of the common ASCII full stop of U+002E (.). The earliest affected version is 7.77.0 2021-05-26.
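Both curl entries above (CVE-2022-42916 and its follow-up CVE-2022-43551) come down to one canonicalisation mistake: the cache is keyed by the host name after IDN-to-ASCII conversion, but a later lookup uses the host exactly as written in the URL. Since U+3002 is a valid label separator that ToASCII rewrites to U+002E, "example。com" and "example.com" name the same host yet are different dictionary keys. The added example below (not curl's code; the cache classes are illustrative) uses Python's standard-library `idna` codec, which implements the RFC 3490 separator mapping, and shows the broken and the fixed lookup side by side:

```python
"""HSTS lookup mismatch on IDN host names (added example, not curl's code).

The broken cache stores the host after IDN-to-ASCII conversion but looks it up
with the raw URL host; the fixed cache canonicalises on both paths.
"""
import time


def to_ascii_host(host):
    # The stdlib 'idna' codec implements RFC 3490 ToASCII, including mapping the
    # U+3002 / U+FF0E / U+FF61 label separators to '.', and punycode for non-ASCII labels.
    return host.encode("idna").decode("ascii").lower()


class BrokenHstsCache:
    """Stores under the converted name, looks up under the raw URL host."""

    def __init__(self):
        self.entries = {}

    def record(self, url_host, max_age):
        # Learned from a Strict-Transport-Security header on an HTTPS response.
        self.entries[to_ascii_host(url_host)] = time.time() + max_age

    def upgrade(self, url_host):
        expiry = self.entries.get(url_host.lower())  # bug: no IDN conversion here
        return expiry is not None and expiry > time.time()


class FixedHstsCache(BrokenHstsCache):
    """Applies the same canonicalisation on both store and lookup."""

    def upgrade(self, url_host):
        expiry = self.entries.get(to_ascii_host(url_host))
        return expiry is not None and expiry > time.time()


def demo(cache_cls):
    """Learn HSTS for example.com, then request the same host spelled with U+3002."""
    cache = cache_cls()
    cache.record("example.com", 31536000)
    return cache.upgrade("example\u3002com")


if __name__ == "__main__":
    print("broken:", demo(BrokenHstsCache))  # False: clear-text request goes out
    print("fixed: ", demo(FixedHstsCache))   # True: upgraded to https://
    print(to_ascii_host("b\u00fccher.example"))  # xn--bcher-kva.example
```

The general rule the fix illustrates: any security decision keyed on a host name (HSTS, cookie scope, certificate pinning, allow-lists) must run the identical canonicalisation on the store path and on every lookup path, including the ones the URL parser took a shortcut through.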
CVE-2026-23564 2 Microsoft, Teamviewer 2 Windows, Digital Employee Experience 2026-02-11 N/A 6.5 MEDIUM
A vulnerability in TeamViewer DEX Client (formerly 1E Client) - Content Distribution Service (NomadBranch.exe) prior to version 26.1 for Windows allows an attacker on the adjacent network to cause normally encrypted UDP traffic to be sent in cleartext. This can result in disclosure of sensitive information.
CVE-2026-24441 1 Tenda 2 Ac7, Ac7 Firmware 2026-02-10 N/A 5.9 MEDIUM
Shenzhen Tenda AC7 firmware version V03.03.03.01_cn and prior expose account credentials in plaintext within HTTP responses, allowing an on-path attacker to obtain sensitive authentication material.
CVE-2025-27457 1 Endress 2 Meac300-fnade4, Meac300-fnade4 Firmware 2026-02-06 N/A 6.5 MEDIUM
All communication between the VNC server and client(s) is unencrypted. This allows an attacker to intercept the traffic and obtain sensitive data.
CVE-2025-63292 1 Freebox 10 Mini 4k, Mini 4k Firmware, One and 7 more 2026-02-04 N/A 3.5 LOW
Freebox v5 HD (firmware = 1.7.20), Freebox v5 Crystal (firmware = 1.7.20), Freebox v6 Révolution r1–r3 (firmware = 4.7.x), Freebox Mini 4K (firmware = 4.7.x), and Freebox One (firmware = 4.7.x) were discovered to expose subscribers' IMSI identifiers in plaintext during the initial phase of EAP-SIM authentication over the `FreeWifi_secure` network. During the EAP-Response/Identity exchange, the subscriber's full Network Access Identifier (NAI), which embeds the raw IMSI, is transmitted without encryption, tunneling, or pseudonymization. An attacker located within Wi-Fi range (~100 meters) can passively capture these frames without requiring user interaction or elevated privileges. The disclosed IMSI enables device tracking, subscriber correlation, and long-term monitoring of user presence near any broadcasting Freebox device. The vendor acknowledged the vulnerability, and the `FreeWifi_secure` service is planned for full deactivation by 1 October 2025.
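Because the leak happens in EAP-Response/Identity, before any TLS tunnel or EAP-SIM key material exists, it can be detected passively by the same means the attacker uses. RFC 4186 distinguishes EAP-SIM identity kinds by the first character of the username: "1" marks a permanent identity carrying the raw IMSI, "3" a pseudonym and "5" a fast re-authentication identity, so a monitor only has to decode EAPOL and flag the "1" case. The added example below (detection code written for this page, not vendor software; the frames are constructed with the 001/01 test PLMN, not captured from a Freebox) parses the 802.1X/EAP headers and reports leaked IMSIs:

```python
"""Spot permanent EAP-SIM identities (raw IMSI) in captured EAPOL frames.

Added detection example; the frames below are constructed, not captures from a
Freebox. Layouts follow IEEE 802.1X (EAPOL header), RFC 3748 (EAP header) and
RFC 4186 (EAP-SIM identity prefixes).
"""
import struct

EAPOL_EAP_PACKET = 0       # EAPOL packet type carrying an EAP packet
EAP_CODE_RESPONSE = 2
EAP_TYPE_IDENTITY = 1
# RFC 4186 section 4.1.1.7: leading character selects the identity kind for EAP-SIM.
EAP_SIM_PREFIX = {"1": "permanent", "3": "pseudonym", "5": "fast-reauth"}


def parse_eap_identity(eapol):
    """Return the identity string from an EAPOL-encapsulated EAP-Response/Identity,
    or None if the frame is anything else (EAPOL-Start, EAP-Request, truncated)."""
    if len(eapol) < 4:
        return None
    _version, ptype, body_len = struct.unpack("!BBH", eapol[:4])
    if ptype != EAPOL_EAP_PACKET or len(eapol) < 4 + body_len:
        return None
    eap = eapol[4:4 + body_len]
    if len(eap) < 5:
        return None
    code, _ident, eap_len, etype = struct.unpack("!BBHB", eap[:5])
    if code != EAP_CODE_RESPONSE or etype != EAP_TYPE_IDENTITY or eap_len > len(eap):
        return None
    return eap[5:eap_len].decode("utf-8", errors="replace")


def classify_identity(identity):
    """Map an EAP-SIM NAI to its identity kind; for permanent identities also
    extract the IMSI so the finding can be reported."""
    username, _, realm = identity.partition("@")
    kind = EAP_SIM_PREFIX.get(username[:1], "unknown")
    digits = username[1:]
    imsi = digits if kind == "permanent" and digits.isdigit() else None
    return {"kind": kind, "imsi": imsi, "realm": realm}


def build_identity_response(identity, eap_id=1):
    """Constructed test vector: EAPOL(EAP-Packet) wrapping EAP-Response/Identity."""
    data = identity.encode()
    eap = struct.pack("!BBHB", EAP_CODE_RESPONSE, eap_id,
                      5 + len(data), EAP_TYPE_IDENTITY) + data
    return struct.pack("!BBH", 1, EAPOL_EAP_PACKET, len(eap)) + eap


def scan(frames):
    """Return (imsi, realm) for every frame that leaks a permanent identity."""
    findings = []
    for frame in frames:
        identity = parse_eap_identity(frame)
        if identity is None:
            continue
        info = classify_identity(identity)
        if info["imsi"]:
            findings.append((info["imsi"], info["realm"]))
    return findings


# Constructed samples: a permanent identity (the leak), a pseudonym (what a fixed
# network would send after the first exchange) and an EAPOL-Start with no EAP body.
SAMPLE_FRAMES = [
    build_identity_response("1001010123456789@wlan.mnc001.mcc001.3gppnetwork.org"),
    build_identity_response("3kz9x7ab@wlan.mnc001.mcc001.3gppnetwork.org"),
    bytes([1, 1, 0, 0]),
]

if __name__ == "__main__":
    for imsi, realm in scan(SAMPLE_FRAMES):
        print(f"IMSI {imsi} sent in clear to realm {realm}")
```

In a real deployment the frames come from a monitor-mode capture of the `FreeWifi_secure` SSID; the EAP packet sits inside an EAPOL frame (Ethertype 0x888E) after the 802.11 and LLC/SNAP headers, which is the only extra framing the parser above would need to skip.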
CVE-2026-0767 1 Openwebui 1 Open Webui 2026-01-30 N/A 6.5 MEDIUM
Open WebUI Cleartext Transmission of Credentials Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Open WebUI. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of credentials provided to the endpoint. The issue results from transmitting sensitive information in plaintext. An attacker can leverage this vulnerability to disclose transmitted credentials, leading to further compromise. Was ZDI-CAN-28259.
CVE-2025-67159 1 Vatilon 2 Pa4, Pa4 Firmware 2026-01-30 N/A 7.5 HIGH
Vatilon v1.12.37-20240124 was discovered to transmit user credentials in plaintext.
CVE-2025-49183 1 Sick 1 Media Server 2026-01-29 N/A 7.5 HIGH
All communication with the REST API is unencrypted (HTTP), allowing an attacker to intercept traffic between an actor and the webserver. This leads to the possibility of information gathering and downloading media files.
CVE-2025-49194 1 Sick 1 Media Server 2026-01-26 N/A 7.5 HIGH
The server supports authentication methods in which credentials are sent in plaintext over unencrypted channels. If an attacker were to intercept traffic between a client and this server, the credentials would be exposed.
CVE-2025-64769 1 Aveva 1 Process Optimization 2026-01-22 N/A 7.1 HIGH
The Process Optimization application suite leverages connection channels/protocols that by default are not encrypted and could become subject to hijacking or data leakage in certain man-in-the-middle or passive inspection scenarios.
CVE-2019-25278 1 Iwt 2 Facesentry Access Control System, Facesentry Access Control System Firmware 2026-01-16 N/A 5.9 MEDIUM
FaceSentry Access Control System 6.4.8 contains a cleartext transmission vulnerability that allows remote attackers to intercept authentication credentials. Attackers can perform man-in-the-middle attacks to capture HTTP cookie authentication information during network communication.
CVE-2025-69272 3 Broadcom, Linux, Microsoft 3 Dx Netops Spectrum, Linux Kernel, Windows 2026-01-14 N/A 7.5 HIGH
Cleartext Transmission of Sensitive Information vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Sniffing Attacks. This issue affects DX NetOps Spectrum: 21.2.1 and earlier.
CVE-2025-62578 1 Deltaww 2 Dvp-12se, Dvp-12se Firmware 2026-01-08 N/A 7.5 HIGH
DVP-12SE - Modbus/TCP Cleartext Transmission of Sensitive Information
CVE-2025-62330 1 Hcltechsw 1 Hcl Devops Deploy 2026-01-07 N/A 5.9 MEDIUM
HCL DevOps Deploy is susceptible to a cleartext transmission of sensitive information because the HTTP port remains accessible and does not redirect to HTTPS as intended. As a result, an attacker with network access could intercept or modify user credentials and session-related data via passive monitoring or man-in-the-middle attacks.
CVE-2025-65855 1 Netun 2 Helpflash Iot, Helpflash Iot Firmware 2026-01-06 N/A 6.6 MEDIUM
The OTA firmware update mechanism in Netun Solutions HelpFlash IoT (firmware v18_178_221102_ASCII_PRO_1R5_50) uses hard-coded WiFi credentials identical across all devices and does not authenticate update servers or validate firmware signatures. An attacker with brief physical access can activate OTA mode (8-second button press), create a malicious WiFi AP using the known credentials, and serve malicious firmware via unauthenticated HTTP to achieve arbitrary code execution on this safety-critical emergency signaling device.
CVE-2025-65827 1 Meatmeet 1 Meatmeet 2025-12-30 N/A 9.1 CRITICAL
The mobile application is configured to allow clear text traffic to all domains and communicates with an API server over HTTP. As a result, an adversary located "upstream" can intercept the traffic, inspect its contents, and modify the requests in transit. This may result in a total compromise of the user's account if the attacker intercepts a request with active authentication tokens or cracks the MD5 hash sent on login.
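"Configured to allow clear text traffic to all domains" on Android normally means a `base-config` with `cleartextTrafficPermitted="true"` in the app's network security config (or `android:usesCleartextTraffic="true"` in the manifest). The added example below (audit code written for this page, not the app's configuration; both XML documents are constructed) parses such a file and reports where cleartext is permitted, with the weak configuration next to a hardened one that keeps cleartext only for the local emulator loopback:

```python
"""Audit an Android network_security_config.xml for cleartext permissions.

Added example; the two XML documents are constructed to show the weak and the
hardened shape, they are not the vulnerable app's real configuration.
"""
import xml.etree.ElementTree as ET

WEAK_CONFIG = """<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
    <base-config cleartextTrafficPermitted="true" />
</network-security-config>"""

HARDENED_CONFIG = """<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
    <base-config cleartextTrafficPermitted="false">
        <trust-anchors>
            <certificates src="system" />
        </trust-anchors>
    </base-config>
    <domain-config cleartextTrafficPermitted="true">
        <domain includeSubdomains="false">localhost</domain>
    </domain-config>
</network-security-config>"""

# Hosts for which cleartext is tolerable during development (assumed allow-list).
LOCAL_HOSTS = {"localhost", "127.0.0.1", "10.0.2.2"}


def cleartext_policy(xml_text):
    """Return (base_allows_cleartext, {domain: allows_cleartext}).

    Android's documented default for base-config is false from API 28 on, so a
    missing attribute is treated as false here (assumption: targetSdk >= 28)."""
    root = ET.fromstring(xml_text)

    def flag(elem):
        return elem.get("cleartextTrafficPermitted", "false").lower() == "true"

    base = root.find("base-config")
    base_allows = flag(base) if base is not None else False
    domains = {}
    for dc in root.findall("domain-config"):
        allowed = flag(dc)
        for d in dc.findall("domain"):
            domains[d.text.strip()] = allowed
    return base_allows, domains


def findings(xml_text):
    """Human-readable list of places where the config permits cleartext to
    anything other than a local development host."""
    base_allows, domains = cleartext_policy(xml_text)
    out = []
    if base_allows:
        out.append("base-config permits cleartext to every domain")
    for domain, allowed in domains.items():
        if allowed and domain not in LOCAL_HOSTS:
            out.append(f"domain-config permits cleartext to {domain}")
    return out


if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(name, findings(cfg) or ["ok"])
```

Fixing the client config closes the interception path but not the second problem named above: an MD5 of the password is still a password-equivalent credential, so the login exchange also needs TLS plus a server-side password hash, regardless of what the app sends.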
CVE-2025-13489 1 Ibm 1 Devops Deploy 2025-12-26 N/A 5.9 MEDIUM
IBM DevOps Deploy (formerly IBM UrbanCode Deploy, UCD) 8.1 through 8.1.2.3 transmits data in clear text, which could allow an attacker to obtain sensitive information using man-in-the-middle techniques.
CVE-2024-32384 1 Kerlink 1 Keros 2025-12-23 N/A 6.8 MEDIUM
Kerlink gateways running KerOS prior to version 5.10 expose their web interface exclusively over HTTP, without HTTPS support. This lack of transport layer security allows a man-in-the-middle attacker to intercept and modify traffic between the client and the device.
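The HCL DevOps Deploy entry (an HTTP port that stays open instead of redirecting to HTTPS) and the Kerlink entry (a web interface served only over HTTP) are the two outcomes a quick probe of a cleartext port has to tell apart. The added example below (assessment code written for this page, not vendor tooling; host names in the usage are placeholders) separates the classification of a response from the live request so the logic can be checked against recorded responses:

```python
"""Check whether a service's cleartext HTTP port does nothing but redirect to HTTPS.

Added example, not vendor code. `classify` is a pure function over a response so
it can be exercised offline; `probe` performs the live request.
"""
import http.client
from urllib.parse import urlsplit

REDIRECT_STATUSES = {301, 302, 307, 308}


def classify(status, headers, host):
    """Classify the response a plain-HTTP request to `host` received.

    Returns one of:
      'redirects-to-https'  the expected behaviour
      'redirects-to-http'   a redirect that keeps the client in the clear
      'serves-cleartext'    content (possibly a login page) served over HTTP
      'other'               errors, auth challenges and anything else
    """
    lowered = {k.lower(): v for k, v in headers.items()}
    if status in REDIRECT_STATUSES:
        target = urlsplit(lowered.get("location", ""))
        if target.scheme == "https":
            return "redirects-to-https"
        return "redirects-to-http"
    if 200 <= status < 300:
        return "serves-cleartext"
    return "other"


def probe(host, port=80, path="/", timeout=5.0):
    """Issue one GET over plain HTTP and classify what comes back."""
    conn = http.client.HTTPConnection(host, port, timeout=timeout)
    try:
        conn.request("GET", path, headers={"Host": host, "User-Agent": "cleartext-check"})
        resp = conn.getresponse()
        return classify(resp.status, dict(resp.getheaders()), host)
    finally:
        conn.close()


def has_hsts(headers, min_max_age=15552000):
    """True if an HTTPS response pins clients to TLS for at least ~180 days.
    Assumes the header's first directive is max-age, as in practice it is."""
    value = {k.lower(): v for k, v in headers.items()}.get("strict-transport-security", "")
    for directive in value.split(";"):
        name, _, num = directive.strip().partition("=")
        if name.lower() == "max-age" and num.strip().isdigit():
            return int(num) >= min_max_age
    return False


if __name__ == "__main__":
    # Placeholder target; replace with the deploy server or gateway under review.
    print(probe("deploy.example.invalid"))
```

A redirect only protects navigations: a client that has already POSTed a login form to the http:// URL has leaked the credentials before the 301 arrives. The check should therefore pass only when the HTTP port redirects and the HTTPS response carries HSTS (or the HTTP port is closed altogether), which is why `has_hsts` is part of the same assessment.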