AlmaLinux 10 : thunderbird (ALSA-2026:3517)

The remote AlmaLinux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:3517 advisory. libvpx: Heap buffer overflow in libvpx CVE-2026-2447 firefox: Invalid pointer in the JavaScript Engine component CVE-2026-2785 firefox: Memory safety bug...

CVE-2025-12383 Race Condition allows Bypass of Trust Restrictions

In Eclipse Jersey versions 2.45, 3.0.16, 3.1.9 a race condition can cause ignoring of critical SSL configurations - such as mutual authentication, custom key/trust stores, and other security settings. This issue may result in SSLHandshakeException under normal circumstances, but under certain...

CVE-2025-62371

OpenSearch Data Prepper as an open source data collector for observability data. In versions prior to 2.12.2, the OpenSearch sink and source plugins in Data Prepper trust all SSL certificates by default when no certificate path is provided. Prior to this fix, the OpenSearch sink and source plugin...

EUVD-2020-0400

Malware in sbrugna...

CVE-2020-1929

The Apache Beam MongoDB connector in versions 2.10.0 to 2.16.0 has an option to disable SSL trust verification. However this configuration is not respected and the certificate verification disables trust verification in every case. This exclusion also gets registered globally which disables trust...

OTRS Trust Management Issue Vulnerability

OTRS is an application from OTRS Germany. A service management software. A security vulnerability exists in OTRS versions prior to 7.0.47, 8.0.37, and OTRS Community Edition versions 6.0.X through 6.0.34, which arises from the ability to obtain email via POP3 or IMAP and send email via SMTP using...

WEM Agent not connecting to Citrix Cloud after the upgrade

Few WEM agent are not registering to the Cloud WEM Server after the WEM agent upgrade. Debug logs would have the below entries: Event - BaseBrokerClient1.GetConnectorAuthContext : Successfully acquired connector authentication context. Exception -...

SUSE SLES15 Security Update : mozilla-nss (SUSE-SU-2023:0130-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0130-1 advisory. - Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the...

Improper Certificate Validation in Apache Beam

The Apache Beam MongoDB connector in versions 2.10.0 to 2.16.0 has an option to disable SSL trust verification. However this configuration is not respected and the certificate verification disables trust verification in every case. This exclusion also gets registered globally which disables trust...

GHSA-2M7G-9Q74-9M3Q Improper Certificate Validation in Apache Beam

The Apache Beam MongoDB connector in versions 2.10.0 to 2.16.0 has an option to disable SSL trust verification. However this configuration is not respected and the certificate verification disables trust verification in every case. This exclusion also gets registered globally which disables trust...

Insecure TLS Configuration

Apache Beam MongoDB connector uses insecure TLS configurations. The option to disable SSL trust verification is not properly handled and causes the trust verification to be disabled in all cases. This allows a remote attacker to perform man-in-the-middle attacks against the server...

CVE-2020-1929

The Apache Beam MongoDB connector in versions 2.10.0 to 2.16.0 has an option to disable SSL trust verification. However this configuration is not respected and the certificate verification disables trust verification in every case. This exclusion also gets registered globally which disables trust...

CVE-2020-1929

The Apache Beam MongoDB connector in versions 2.10.0 to 2.16.0 has an option to disable SSL trust verification. However this configuration is not respected and the certificate verification disables trust verification in every case. This exclusion also gets registered globally which disables trust...

CVE-2020-1929

The CVE-2020-1929 entry concerns the Apache Beam MongoDB connector. Affected versions 2.10.0–2.16.0 expose an option to disable SSL trust verification, but the configuration is not respected and disables trust verification in all cases. This exclusion is registered globally, affecting any code ru...

Error: You Have not Chosen to Trust "Certificate Authority" from MAC Devices

SSL Trust issue on Mac...