CVE-2026-45433

This vulnerability exists in GX Earth 2022 ONT models due to the presence of hardcoded RSA private key within the device firmware. A remote attacker could exploit this vulnerability by extracting the cryptographic private key from the firmware, which could lead to decryption of HTTPS traffic and...

PT-2026-44519

Name of the Vulnerable Software and Affected Versions Oracle E-Business Suite Oracle Public Sector Financials International versions 12.2.6 through 12.2.15 Description An issue exists in the Authorization component of Oracle Public Sector Financials International. A low privileged attacker with...

CVE-2026-32947

Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. In versions 2.15.1 and below, a DNS over HTTPS DoH vulnerability allows attackers to bypass egress-policy: block network restrictions by tunneling exfiltrated data through permitted HTTPS endpoints like...

Protection Mechanism Failure

Overview mad-proxy is a Lightweight HTTP/HTTPS interception proxy with real-time traffic firewall and domain block. Affected versions of this package are vulnerable to Protection Mechanism Failure via the HTTP/HTTPS Traffic. An attacker can access sensitive traffic by bypassing established...

Linux Distros Unpatched Vulnerability : CVE-2023-22081

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions tha...

PT-2025-9137

Name of the Vulnerable Software and Affected Versions Brocade ASCG versions prior to 3.2.0 Description The issue concerns the lack of HTTP Strict Transport Security HSTS enforcement in the web interface, as defined by RFC 6797. HSTS is an optional response header that can be configured on the...

squid: Denial of Service in SSL Certificate validation

A flaw was found in Squid. Due to an improper validation of the specified index bug, Squid compiled using --with-openssl is vulnerable to a denial of service attack against SSL Certificate validation. This flaw allows a remote server to perform a denial of service against the Squid Proxy by...

squid: Denial of Service in SSL Certificate validation

A flaw was found in Squid. Due to an improper validation of the specified index bug, Squid compiled using --with-openssl is vulnerable to a denial of service attack against SSL Certificate validation. This flaw allows a remote server to perform a denial of service against the Squid Proxy by...

UBUNTU-CVE-2023-21967

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit...

DEBIAN-CVE-2022-41317

An issue was discovered in Squid 4.9 through 4.17 and 5.0.6 through 5.6. Due to inconsistent handling of internal URIs, there can be Exposure of Sensitive Information about clients using the proxy via an HTTPS request to an internal cache manager URL. This is fixed in 5.7...

Threat Outbreak Alert RuleID22216: Email Messages Distributing Malicious Software on April 14, 2016

Medium Alert ID: 44658 First Published: 2016 April 14 13:46 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID22216 may contain the following files: Name | Si...

DEBIAN-CVE-2015-8400

The HTTPS fallback implementation in Shell In A Box aka shellinabox before 2.19 makes it easier for remote attackers to conduct DNS rebinding attacks via the "/plain" URL...

SSL/TLS CRIME attack against HTTPS

The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differenc...

PT-2012-3612 · Microsoft · Windows Server 2003 +5

Name of the Vulnerable Software and Affected Versions: Microsoft Windows XP SP2 and SP3 Microsoft Windows Server 2003 SP2 Microsoft Windows Vista SP2 Microsoft Windows Server 2008 SP2, R2, and R2 SP1 Microsoft Windows 7 Gold and SP1 Description: The issue allows remote web servers to obtain...