80 matches found
curl 安全漏洞
curl is an open-source tool developed by cURL for transferring data from or to a server. There is a security vulnerability in curl, which stems from a failure in OCSP binding detection. This failure may lead to an incorrect assumption that the server’s certificate is valid...
PT-2026-35897
Name of the Vulnerable Software and Affected Versions curl affected versions not specified Description When using the Certificate Status Request TLS extension, commonly known as OCSP stapling, to verify server certificate validity, the software fails to detect OCSP problems and incorrectly treats...
CVE-2025-15573
The affected devices do not validate the server certificate when connecting to the SolaX Cloud MQTTS server hosted in the Alibaba Cloud mqtt001.solaxcloud.com, TCP 8883. This allows attackers in a man-in-the-middle position to act as the legitimate MQTT server and issue arbitrary commands to...
CVE-2025-15573
The CVE-2025-15573 entry describes a lack of server certificate validation when devices connect to the SolaX Cloud MQTTS server (mqtt001.solaxcloud.com:8883) hosted on Alibaba Cloud. This enables a man-in-the-middle attacker to impersonate the legitimate MQTT server and dispatch arbitrary command...
CVE-2025-53869
Multiple MFPs provided by Brother Industries, Ltd. does not properly validate server certificates, which may allow a man-in-the-middle attacker to replace the set of root certificates used by the product with a set of arbitrary certificates...
EUVD-2025-206522
Multiple MFPs provided by Brother Industries, Ltd. does not properly validate server certificates, which may allow a man-in-the-middle attacker to replace the set of root certificates used by the product with a set of arbitrary certificates...
CVE-2025-53869
CVE-2025-53869 affects Brother MFPs (brother INDUSTRIES, LTD) where the product does not properly validate server certificates. The underlying issue is improper certificate validation (CWE-295) that can enable a man-in-the-middle attacker to replace the product’s root certificate store with arbit...
CVE-2025-40801
A vulnerability has been identified in COMOS V10.6 All versions V10.6.1, COMOS V10.6 All versions V10.6.1, JT Bi-Directional Translator for STEP All versions, NX V2412 All versions V2412.8900 with Cloud Entitlement bundled as NX X, NX V2506 All versions V2506.6000 with Cloud Entitlement bundled a...
CVE-2025-40800
CVE-2025-40800 affects Siemens products including COMOS, NX, Simcenter 3D/Femap, and Solid Edge. The IAM client in these products fails to validate server certificates when establishing TLS connections to the authorization server, enabling potential man-in-the-middle attacks. Affected versions in...
CVE-2025-40800
A vulnerability has been identified in COMOS V10.6 All versions V10.6.1, COMOS V10.6 All versions V10.6.1, NX V2412 All versions V2412.8700, NX V2506 All versions V2506.6000, Simcenter 3D All versions V2506.6000, Simcenter Femap All versions V2506.0002, Solid Edge SE2025 All versions V225.0 Updat...
PT-2025-49833
A vulnerability has been identified in COMOS V10.6 All versions, COMOS V10.6 All versions, JT Bi-Directional Translator for STEP All versions, NX V2412 All versions V2412.8900 with Cloud Entitlement bundled as NX X, NX V2506 All versions V2506.6000 with Cloud Entitlement bundled as NX X, Simcente...
Siemens多款产品 信任管理问题漏洞
Siemens Simcenter Femap and others are products of Siemens, a German company.Siemens Simcenter Femap is a cutting-edge engineering simulation application.Siemens NX is Siemens COMOS is a process industry operations management software. A trust management issue vulnerability exists in various...
EUVD-2013-0292
Malware in sbrugna...
EUVD-2014-3246
Malware in sbrugna...
EUVD-2021-0871
Malware in sbrugna...
EUVD-2008-1123
Malware in sbrugna...
EUVD-2020-3530
Malware in sbrugna...
EUVD-2013-6609
Malware in sbrugna...
EUVD-2023-44264
Malicious code in bioql PyPI...
EUVD-2024-25195
Malicious code in bioql PyPI...