CVE-2025-67752

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 7.0.4, OpenEMR's HTTP client wrapper oeHttp/oeHttpRequest disables SSL/TLS certificate verification by default verify: false, making all external HTTPS connections vulnerable ...

Survey of 100+ Energy Systems Reveals Critical OT Cybersecurity Gaps

A study by OMICRON has revealed widespread cybersecurity gaps in the operational technology OT networks of substations, power plants, and control centers worldwide. Drawing on data from more than 100 installations, the analysis highlights recurring technical, organizational, and functional issues...

CVE-2025-43515

The issue was addressed by refusing external connections by default. This issue is fixed in Compressor 4.11.1. An unauthenticated user on the same network as a Compressor server may be able to execute arbitrary code...

EUVD-2025-175367

The issue was addressed by refusing external connections by default. This issue is fixed in Compressor 4.11.1. An unauthenticated user on the same network as a Compressor server may be able to execute arbitrary code...

CVE-2025-43515

The issue was addressed by refusing external connections by default. This issue is fixed in Compressor 4.11.1. An unauthenticated user on the same network as a Compressor server may be able to execute arbitrary code...

CVE-2025-43515

The issue was addressed by refusing external connections by default. This issue is fixed in Compressor 4.11.1. An unauthenticated user on the same network as a Compressor server may be able to execute arbitrary code...

Apple Compressor 安全漏洞

Apple Compressor is a video encoding and transcoding software from Apple USA. A security vulnerability exists in Apple Compressor versions prior to 4.11.1, which stems from an improper default denial of external connections and could lead to the execution of arbitrary code by unauthenticated user...

About the security content of Compressor 4.11.1

About the security content of Compressor 4.11.1 This document describes the security content of Compressor 4.11.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases ar...

EUVD-2017-9497

Malware in sbrugna...

EUVD-2020-6653

Malware in sbrugna...

EUVD-2007-1485

Malware in sbrugna...

EUVD-2022-44908

Malicious code in bioql PyPI...

EUVD-2022-34090

Malicious code in bioql PyPI...

Important: Red Hat Security Advisory: Insights proxy Container Image

Initial GA Release of Red Hat Insights proxy The Insights proxy Container is used by the Insights proxy product RPM and serves as an intermediary between cystomer systems in disconnected networks, air-gapped systems or systems with no outside connections and Insights. The Insights proxy routes al...

CVE-2022-29767

adbyby v2.7 allows external users to make connections via port 8118. This can cause a program logic error and lead to a Denial of Service DoS via high CPU usage due to a large number of connections...

CVE-2020-14517

Protocol encryption can be easily broken for CodeMeter All versions prior to 6.90 are affected, including Version 6.90 or newer only if CodeMeter Runtime is running as server and the server accepts external connections, which may allow an attacker to remotely communicate with the CodeMeter API...

PT-2024-27243 · Unknown · Ada Web Server

Name of the Vulnerable Software and Affected Versions: Ada Web Server version 20.0 Description: An issue was discovered in Ada Web Server when configured to use SSL, which is not the default setting. The SSL/TLS used to establish connections to external services is done without proper hostname...

How to Configure NetScaler and StoreFront for Internal and External Connections

This article describes how to configure NetScaler and StoreFront with two NetScaler Gateways, two StoreFront sites, two different subnet IPs, and one URL for both internal and external connections...

CVE-2023-29046

Connections to external data sources, like e-mail autoconfiguration, were not terminated in case they hit a timeout, instead those connections were logged. Some connections use user-controlled endpoints, which could be malicious and attempt to keep the connection open for an extended period of...

Design/Logic Flaw

Connections to external data sources, like e-mail autoconfiguration, were not terminated in case they hit a timeout, instead those connections were logged. Some connections use user-controlled endpoints, which could be malicious and attempt to keep the connection open for an extended period of...