Falhas do tipo CWE-311

301 resultados
CVE-2019-13922A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). An attacker with administrative privileges caEPSS 0.6%CVE-2021-27779CRITICALA Security Misconfiguration vulnerability affects HCL VersionVault ExpressEPSS 0.5%CVE-2016-10630install-g-test downloads resources over HTTP, which leaves it vulnerable to MITM attacks.EPSS 0.5%CVE-2016-10654sfml downloads resources over HTTP, which leaves it vulnerable to MITM attacks.EPSS 0.5%CVE-2016-10673ipip-coffee queries geolocation information from IP ipip-coffee downloads geolocation resources over HTTP, which leaves it vulnerable to MITEPSS 0.5%CVE-2016-10610unicode-json is a unicode lookup table. unicode-json before 2.0.0 downloads data resources over HTTP, which leaves it vulnerable to MITM attEPSS 0.5%CVE-2016-10652prebuild-lwip is a module for comprehensive, fast, and simple image processing and manipulation. prebuild-lwip downloads resources over HTTPEPSS 0.5%CVE-2016-10619pennyworth is a natural language templating engine. pennyworth downloads data resources over HTTP, which leaves it vulnerable to MITM attackEPSS 0.5%CVE-2016-10616openframe-image is an Openframe extension which adds support for images via fbi. openframe-image downloads data resources over HTTP, which lEPSS 0.5%CVE-2024-35061HIGHNASA AIT-Core v2.5.2 was discovered to use unencrypted channels to exchange data over the network, allowing attackers to execute a man-in-thEPSS 0.5%CVE-2016-10552igniteui 0.0.5 and earlier downloads JavaScript and CSS resources over insecure protocol.EPSS 0.5%CVE-2016-10597cobalt-cli downloads resources over HTTP, which leaves it vulnerable to MITM attacks.EPSS 0.5%CVE-2020-10039A vulnerability has been identified in SICAM MMU (All versions < V2.05), SICAM SGU (All versions), SICAM T (All versions < V2.18). An attackEPSS 0.5%CVE-2016-10613bionode-sra is a Node.js wrapper for SRA Toolkit. bionode-sra downloads data resources over HTTP, which leaves it vulnerable to MITM attacksEPSS 0.5%CVE-2023-42019MEDIUMIBM InfoSphere Information Server information disclosureEPSS 0.5%CVE-2022-22405MEDIUMIBM Aspera Faspex information disclosureEPSS 0.5%CVE-2020-28216A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Easergy T300 (firmware 2.7 and older), that would allow an attacker EPSS 0.5%CVE-2021-21963HIGHAn information disclosure vulnerability exists in the Web Server functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A speciallEPSS 0.5%CVE-2022-22386MEDIUMIBM Security Verify Privilege information disclosureEPSS 0.5%CVE-2022-22377MEDIUMIBM Security Verify Privilege information disclosureEPSS 0.5%