CWE-319

Cleartext Transmission of Sensitive Information

117 CVEs, average CVSS 6.8 (MITRE)

Severity breakdown: 11 Critical, 43 High, 50 Medium, 9 Low
Public POC available: 9
Listed in CISA KEV: 0


CVE-2026-5115 LOW Monitor

PaperCut NG/MF embedded application on Konica Minolta multifunction devices transmits sensitive session data over an insecure communication channel, enabling session hijacking and potential credential theft or phishing attacks against end users. The vulnerability affects all versions of the embedded application and was discovered internally by PaperCut; no public exploit code or active exploitation has been confirmed at this time.

Tags: Information Disclosure | Sources: NVD | CVSS 4.0: 3.6 | EPSS: 0.0%
CVE-2026-5119 MEDIUM PATCH This Month

Libsoup transmits sensitive session cookies in cleartext within HTTP CONNECT requests when establishing HTTPS tunnels through configured HTTP proxies, allowing network-positioned attackers or malicious proxies to intercept and hijack user sessions. The vulnerability affects Red Hat Enterprise Linux versions 6 through 10 and carries a CVSS 5.9 score with high confidentiality impact; no public exploit code or confirmed active exploitation has been identified at the time of analysis.

Tags: Information Disclosure | Sources: NVD, VulDB | CVSS 3.1: 5.9 | EPSS: 0.0%
CVE-2026-1014 MEDIUM PATCH This Month

IBM InfoSphere Information Server versions 11.7.0.0 through 11.7.1.6 contain an information disclosure vulnerability caused by improper handling of JSON server responses, allowing authenticated attackers to expose sensitive data. The vulnerability requires low-complexity network access with valid credentials but does not require user interaction, making it accessible to any authenticated user with network connectivity. No evidence of active exploitation in the wild has been identified, though a patch is available from the vendor.

Tags: IBM, Information Disclosure | Sources: NVD, VulDB | CVSS 3.1: 6.5 | EPSS: 0.0%
CVE-2025-64648 MEDIUM PATCH This Month

IBM Concert versions 1.0.0 through 2.2.0 transmit sensitive data in cleartext, allowing attackers to intercept and read this information via man-in-the-middle (MITM) attacks. The vulnerability affects all versions within the specified range of the IBM Concert application. An attacker positioned on the network path between a client and Concert server can eavesdrop on communications to obtain confidential information, though exploitation requires moderate attack complexity and active network positioning.

Tags: IBM, Information Disclosure | Sources: NVD, VulDB | CVSS 3.1: 5.9 | EPSS: 0.0%
CVE-2026-20115 MEDIUM This Month

Cisco Meraki devices running vulnerable IOS XE Software transmit configuration data over unencrypted channels, enabling remote attackers to intercept sensitive device information through on-path attacks. The vulnerability requires user interaction and network proximity, but no patch is currently available, leaving affected organizations exposed until remediation is implemented. This affects both Cisco and Apple products integrating the vulnerable software.

Tags: Cisco, Information Disclosure, Apple | Sources: NVD, VulDB | CVSS 3.1: 6.1 | EPSS: 0.0%
CVE-2026-4584 LOW POC Monitor

The Shenzhen HCC Technology MPOS M6 PLUS device running firmware version 1V.31-N contains a cleartext transmission vulnerability in its Cardholder Data Handler component that allows attackers on the local network to intercept sensitive information. An attacker with network access can manipulate the affected component to force transmission of cardholder data in cleartext, compromising payment card information. A publicly available proof-of-concept exists on GitHub, and the vulnerability has a CVSS score of 3.1 (low severity) due to high attack complexity requirements, though the exploitation difficulty rating suggests real-world risk depends heavily on network proximity and attacker capabilities.

Tags: Information Disclosure | Sources: NVD, VulDB, GitHub | CVSS 3.1: 3.1 | EPSS: 0.0%
CVE-2026-24060 CRITICAL CISA Emergency

This vulnerability affects Automated Logic's WebCTRL Premium Server, which transmits BACnet protocol data in cleartext without encryption. An attacker positioned on the network can sniff sensitive service information including File Start Position, File Data, and proprietary PLC update formats using tools like Wireshark, enabling both information disclosure and potential integrity attacks through modification of intercepted traffic. With a CVSS score of 9.1 (Critical) and network-based attack vector requiring no privileges or user interaction, this represents a significant exposure for building automation systems.

Tags: Information Disclosure | Sources: NVD, GitHub, VulDB | CVSS 3.1: 9.1 | EPSS: 0.0%
CVE-2026-32309 HIGH This Week

Cryptomator's Hub-based unlock flow contains a protocol downgrade vulnerability that allows the application to communicate with Hub endpoints over plaintext HTTP instead of enforcing HTTPS. Cryptomator versions prior to 1.19.1 are affected, exposing OAuth bearer tokens, key-loading traffic, and endpoint-level trust decisions to network interception and tampering by active attackers. This is a verified GitHub security advisory with patches available in version 1.19.1; the absence of an EPSS score or KEV listing indicates limited evidence of active exploitation.

Tags: Information Disclosure, Hashicorp | Sources: NVD, GitHub, VulDB | CVSS 4.0: 8.7 | EPSS: 0.0%
CVE-2026-32838 HIGH This Week

A remote code execution vulnerability rated CVSS 7.5: high severity, requiring prompt remediation.

Tags: Information Disclosure, Edimax Gs 5008pl | Sources: NVD, VulDB | CVSS 3.1: 7.5 | EPSS: 0.0%
CVE-2025-13718 LOW PATCH Monitor

IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow a remote attacker to obtain sensitive information in cleartext in a communication channel that can be sniffed by unauthorized actors.

Tags: Information Disclosure, IBM | Sources: NVD, VulDB | CVSS 3.1: 3.7 | EPSS: 0.0%