CVE-2019-25652

UniFi Network Controller before version 5.10.22 and 5.11.x before 5.11.18 contains an improper certificate verification vulnerability that allows adjacent network attackers to conduct man-in-the-middle attacks by presenting a false SSL certificate during SMTP connections. Attackers can intercept...

CVE-2019-25652 UniFi Network Controller Improper Certificate Validation Leading to Credential Theft via MITM

UniFi Network Controller before version 5.10.22 and 5.11.x before 5.11.18 contains an improper certificate verification vulnerability that allows adjacent network attackers to conduct man-in-the-middle attacks by presenting a false SSL certificate during SMTP connections. Attackers can intercept...

CVE-2024-56521

The CVE-2024-56521 issue affects TCPDF prior to 6.8.0. When libcurl is used, CURLOPT_SSL_VERIFYHOST and CURLOPT_SSL_VERIFYPEER are set unsafely, enabling a high-severity, network‑based impact per CVSS 3.1 data (base score 9.8). Public advisories (e.g., Fedora updates FEDORA-2024-d6b0e72e3d and FE...

DEBIAN-CVE-2012-6086

libs/zbxmedia/eztexting.c in Zabbix 1.8.x before 1.8.18rc1, 2.0.x before 2.0.8rc1, and 2.1.x before 2.1.2 does not properly set the CURLOPTSSLVERIFYHOST option for libcurl, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate...