17 matches found

Nuclei
added yesterday · 20 views

FortiOS - Insecure LDAP Configuration Detection

The FortiGate LDAP configuration was detected to be insecure due to missing ca-cert, secure LDAPS, or server-identity-check, potentially exposing LDAP communications to credential interception or man-in-the-middle attacks under specific network conditions. id: CVE-2019-5591 info: name: FortiOS -...

CVSS 6.5 · AI score 6.9 · EPSS 0.18566
Exploits 1 · References 2
AlpineLinux
added 2026/06/09 4:03 p.m. · 8 views

CVE-2026-42768

Issue summary: The CMSdecrypt and PKCS7decrypt functions are vulnerable to Bleichenbacher-style attack when an attacker is able to provide the CMS or S/MIME messages and observe the error code and/or decryption output. Impact summary: The Bleichenbacher-style attack allows an attacker to use the...

CVSS 3.7 · AI score 5.5 · EPSS 0.0035
Exploits 0
NVD
added 2026/06/02 8:16 p.m. · 11 views

CVE-2026-10584

Proxy server in Graph Explorer before 3.0.1 falls back to HTTP when certificate files are missing, which might allow remote threat actors to obtain sensitive information via interception of requests intended to be sent over HTTPS. To remediate this issue, users should upgrade to Graph Explorer...

CVSS 8.2 · EPSS 0.00101
Exploits 0 · References 2
Vulnrichment
added 2026/06/02 7:08 p.m. · 7 views

CVE-2026-10584 HTTPS Fallback to HTTP in Graph Explorer

Proxy server in Graph Explorer before 3.0.1 falls back to HTTP when certificate files are missing, which might allow remote threat actors to obtain sensitive information via interception of requests intended to be sent over HTTPS. To remediate this issue, users should upgrade to Graph Explorer...

CVSS 8.2 · AI score 5.8 · EPSS 0.00101
Exploits 0 · References 2
ATTACKERKB
added 2026/06/02 7:08 p.m. · 7 views

CVE-2026-10584

Proxy server in Graph Explorer before 3.0.1 falls back to HTTP when certificate files are missing, which might allow remote threat actors to obtain sensitive information via interception of requests intended to be sent over HTTPS. To remediate this issue, users should upgrade to Graph Explorer...

CVSS 8.2 · AI score 5.8 · EPSS 0.00101
Exploits 0 · References 3 · Affected Software 1
Cvelist
added 2026/06/02 7:08 p.m. · 28 views

CVE-2026-10584 HTTPS Fallback to HTTP in Graph Explorer

Proxy server in Graph Explorer before 3.0.1 falls back to HTTP when certificate files are missing, which might allow remote threat actors to obtain sensitive information via interception of requests intended to be sent over HTTPS. To remediate this issue, users should upgrade to Graph Explorer...

CVSS 8.2 · EPSS 0.00101
Exploits 0 · References 2
Positive Technologies
added 2026/06/02 12:00 a.m. · 10 views

PT-2026-45817

Name of the Vulnerable Software and Affected Versions: Graph Explorer versions prior to 3.0.1. Description: The proxy server falls back to HTTP when certificate files are missing. This behavior may allow remote threat actors to intercept requests intended for HTTPS and obtain sensitive information...

CVSS 8.2 · AI score 5.5 · EPSS 0.00101
Exploits 0 · References 4
CNNVD
added 2026/06/02 12:00 a.m. · 5 views

Graph Explorer security vulnerability

Graph Explorer is an interactive web application for visual exploration of graph databases, open-sourced by Amazon Web Services. Previous versions of Graph Explorer, such as 3.0.1, contained security vulnerabilities. These vulnerabilities stemmed from the proxy server falling back to HTTP when th...

CVSS 8.2 · AI score 5.5 · EPSS 0.00101
Exploits 0 · References 2
Github Security Blog
added 2026/02/24 8:22 p.m. · 7 views

Caddy: mTLS client authentication silently fails open when CA certificate file is missing or malformed

Summary: Two swallowed errors in ClientAuthentication.provision cause mTLS client certificate authentication to silently fail open when a CA certificate file is missing, unreadable, or malformed. The server starts without error but accepts any client certificate signed by any system-trusted CA,...

CVSS 9.3 · AI score 5.5 · EPSS 0.00267
Exploits 1 · References 7 · Affected Software 1
ATTACKERKB
added 2026/02/12 7:38 p.m. · 4 views

CVE-2026-25922

authentik is an open-source identity provider. Prior to 2025.8.6, 2025.10.4, and 2025.12.4, when using a SAML Source that has the option Verify Assertion Signature under Verification Certificate enabled and not Verify Response Signature, or does not have the Encryption Certificate setting under...

CVSS 8.8 · AI score 5.4 · EPSS 0.00166
Exploits 0 · References 5 · Affected Software 1
Github Security Blog
added 2026/02/02 6:30 a.m. · 6 views

foreman_kubevirt disables SSL verification if a Certificate Authority (CA) certificate is not explicitly set

A flaw was found in foreman_kubevirt. When configuring the connection to OpenShift, the system disables SSL verification if a Certificate Authority (CA) certificate is not explicitly set. This insecure default allows a remote attacker, capable of intercepting network traffic between Satellite and...

CVSS 8.1 · AI score 5.3 · EPSS 0.00254
Exploits 0 · References 9 · Affected Software 1
Positive Technologies
added 2024/08/23 12:00 a.m. · 5 views

PT-2024-29899 · Homepage

Name of the Vulnerable Software and Affected Versions: Homepage version 0.9.1 Description: The default setup of Homepage is vulnerable to DNS rebinding due to the lack of certificate and authentication. An attacker can exploit this by changing the DNS records of their domain to the internal IP...

CVSS 6.5 · AI score 6.8 · EPSS 0.00245
Exploits 0 · References 9
SUSE CVE
added 2023/02/15 3:31 a.m. · 5 views

SUSE CVE-2022-3479

A vulnerability was found in nss. Because of this vulnerability, nss client authentication crashes when no user certificate is present in the database, which can lead to a segmentation fault or crash...

CVSS 6.5 · AI score 9.1 · EPSS 0.00696
Exploits 0 · References 12
OSV
added 2023/02/06 11:15 p.m. · 5 views

CVE-2022-46496

BTicino Door Entry HOMETOUCH for iOS 1.4.2 was discovered to be missing an SSL certificate...

CVSS 5.9 · AI score 5.8 · EPSS 0.00949
Exploits 0 · References 1
CNNVD
added 2021/06/17 12:00 a.m. · 25 views

Quassel security vulnerability

Quassel IRC is a graphical, distributed, cross-platform IRC client. A security vulnerability exists in Quassel 0.13.1, which stems from launching without SSL or TLS support when --require-ssl is enabled, if an available X.509 certificate cannot be found on the local system...

CVSS 7.5 · AI score 7.2 · EPSS 0.00616
Exploits 1 · References 4
CNVD
added 2017/12/07 12:00 a.m. · 4 views

Apple macOS High Sierra Mail component plaintext delivery vulnerability

Apple macOS High Sierra is a specialized operating system developed by Apple for Mac computers. Mail is one of its email components. A security vulnerability exists in the Mail component of Apple macOS High Sierra prior to 10.13.2, which stems from the fact that an encrypted S/MIME email...

CVSS 7.5 · AI score 6.5 · EPSS 0.0148
Exploits 0 · References 1
CNVD
added 2015/04/09 12:00 a.m. · 4 views

Apple Mac OS X Using Open Directory Plaintext Password Delivery Vulnerability

Apple Mac OS X is an operating system developed by Apple Inc. When the Apple Mac OS X service binds an Open Directory client but fails to install an OS X server certificate, the client sends password changes in clear text, which can be exploited by remote attackers to obtain sensitive information...

CVSS 5 · AI score 6.8 · EPSS 0.0161
Exploits 1 · References 1