CVE-2026-23812

A vulnerability has been identified where an attacker connecting to an access point as a standard wired or wireless client can impersonate a gateway by leveraging an address-based spoofing technique. Successful exploitation enables the redirection of data streams, allowing for the interception or...

HPE Aruba Networking Wireless Operating System 安全漏洞

HPE Aruba Networking Wireless Operating System is a wireless network operating system developed by the American company HPE. There are security vulnerabilities in the HPE Aruba Networking Wireless Operating System. These vulnerabilities allow attackers to simulate gateways using address-based...

PT-2025-50538

Name of the Vulnerable Software and Affected Versions Mobile application affected versions not specified Description A missing certificate validation allows an attacker positioned upstream to intercept and decrypt TLS traffic from the mobile application. This interception enables the attacker to...

Apache Spark 安全漏洞

Apache Spark is a large-scale data processing engine that supports acyclic data streaming and in-memory computing from the Apache Foundation. Apache Spark suffers from a cryptographic issue vulnerability that stems from the use of insecure default network encryption ciphers for inter-node RPC...

EUVD-2014-1288

Malware in sbrugna...

EUVD-2018-11791

Malware in sbrugna...

EUVD-2012-4061

Malware in sbrugna...

EUVD-2023-42907

Malicious code in bioql PyPI...

Amazon Cloud Cam 安全漏洞

Amazon Cloud Cam is an HD webcam from Amazon. A security vulnerability exists in Amazon Cloud Cam that stems from the device's default pairing state allowing bypassing SSL fixes, which could lead to network traffic interception and modification...

CVE-2019-10929

A vulnerability has been identified in SIMATIC CP 1626 All versions, SIMATIC ET 200SP Open Controller CPU 1515SP PC incl. SIPLUS variants All versions, SIMATIC ET 200SP Open Controller CPU 1515SP PC2 incl. SIPLUS variants All versions V20.8, SIMATIC HMI Panel incl. SIPLUS variants All versions,...

CVE-2024-41681

A vulnerability has been identified in Location Intelligence family All versions V4.4. The web server of affected products is configured to support weak ciphers by default. This could allow an unauthenticated attacker in an on-path position to to read and modify any data passed over the connectio...

BIT-CILIUM-OPERATOR-2023-29002 Debug mode leaks confidential data in Cilium

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. When run in debug mode, Cilium will log the contents of the cilium-secrets namespace. This could include data such as TLS private keys for Ingress and GatewayAPI resources. An attacker with access to debug...

UBUNTU-CVE-2023-49933

An issue was discovered in SchedMD Slurm 22.05.x, 23.02.x, and 23.11.x. There is Improper Enforcement of Message Integrity During Transmission in a Communication Channel. This allows attackers to modify RPC traffic in a way that bypasses message hash checks. The fixed versions are 22.05.11,...

Seiko Solutions SkyBridge 信任管理问题漏洞

Seiko Solutions SkyBridge is a series of routers from Seiko Solutions, Japan. A security vulnerability exists in Seiko Solutions SkyBridge MB-A200 firmware version 01.00.05 and earlier, and SkyBridge BASIC MB-A130 firmware version 1.4.1 and earlier. An attacker could exploit the vulnerability to...

SolarWinds Engineer Toolset 安全漏洞

SolarWinds Engineer Toolset is a network software package from SolarWinds USA. It can help you discover, configure, monitor and troubleshoot your network. A security vulnerability exists in SolarWinds Engineer Toolset version 2020.2.6 HF4, which stems from its inability to prevent users from...

PT-2022-10451 · Solarwinds · Engineer'S Toolset

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The application fails to prevent users from connecting to it over unencrypted connections. An attacker able to modify a legitimate user's network traffi...

Security Bulletin: Vulnerability with Diffie-Hellman ciphers may affect WebSphere Process Server (CVE-2015-4000)

Summary The LogJam Attack on Diffie-Hellman ciphers CVE-2015-4000 may affect some configurations of IBM WebSphere Application Server Full Profile that is shipped as a component of WebSphere Process Server. The IBM HTTP Server used by WebSphere Application Server is not affected. Vulnerability...

CVE-2021-0235

The CVE-2021-0235 issue affects Juniper Networks Junos OS on SRX1500, SRX4100, SRX4200, SRX4600, SRX5000 Series with SPC2/SPC3, and vSRX Series in multi-tenant environments. Root cause: incorrect permission scheme assigned to tenant system administrators, which may allow a tenant admin to misdire...

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM DataQuant for Workstation (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM DataQuant for Workstation. Vulnerability Details CVEID: CVE-2015-4000 The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey...

Security Bulletin:Vulnerability in Diffie-Hellman ciphers affects Rational Synergy (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects Rational Synergy Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey ...