Lucene search

23 matches found

OSV
added 2026/05/19 2:16 p.m. | 3 views

UBUNTU-CVE-2025-14575

An Uncontrolled Search Path Element vulnerability in the OpenSSL TLS backend of Qt Network qtbase in Qt Qt Framework Unix allows a local attacker to load a rogue CA certificate as a trusted system authority via a crafted certificate file placed in the application's working directory...

CVSS 1.8 | AI score 5.8 | EPSS 0.0001
Exploits: 0 | References: 3
OSV
added 2025/12/15 12:30 p.m. | 1 view

GHSA-M9GH-789G-Q5PV Elasticsearch PKI Realm Authentication Bypass Vulnerability Allows User Impersonation Through Crafted Client Certificates

Improper Authentication in Elasticsearch PKI realm can lead to user impersonation via specially crafted client certificates. A malicious actor would need to have such a crafted client certificate signed by a legitimate, trusted Certificate Authority...

CVSS 6.8 | AI score 5.9 | EPSS 0.00038
Exploits: 0 | References: 6
EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2022-41706

Malicious code in bioql PyPI...

CVSS 5.3 | AI score 5.4 | EPSS 0.00057
Exploits: 0 | References: 2
RedhatCVE
added 2025/05/23 12:47 a.m. | 8 views

CVE-2022-39161

IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and IBM WebSphere Application Server Liberty, when configured to communicate with the Web Server Plug-ins for IBM WebSphere Application Server, could allow an authenticated user to conduct spoofing attacks. A man-in-the-middle attacker could...

CVSS 5.3 | AI score 5.8 | EPSS 0.00057
Exploits: 0 | References: 1
Citrix
added 2025/05/19 12:0 a.m. | 7 views

Update NetScaler Console certificate

NetScaler Console allows you to replace the default inbuilt database certificates with your own certificates from a trusted certificate authority. You can also configure your own cipher suites in the NetScaler Console database. This feature provides greater flexibility and security for your...

AI score 7
Exploits: 0
ATTACKERKB
added 2025/04/07 4:15 a.m. | 0 views

CVE-2025-20661

In PlayReady TA, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: DTV04436357; Issue ID: MSV-3185...

CVSS 6.7 | AI score 5.8 | EPSS 0.00039
Exploits: 0 | References: 2
Microsoft CVE
added 2024/10/16 7:0 a.m. | 3 views

drm/amdgpu: Validate TA binary size

...

CVSS 7.8 | AI score 6.9 | EPSS 0.00014
Exploits: 0
Tenable Nessus
added 2024/08/16 12:0 a.m. | 23 views

IBM WebSphere Application Server 8.5.x < 8.5.5.27 / 9.x < 9.0.5.21 Information Disclosure (7165511)

The version of IBM WebSphere Application Server running on the remote host is affected by an information disclosure vulnerability as referenced in the 7165511 advisory. - IBM WebSphere Application Server 8.5 and 9.0 could allow an attacker with access to the network to conduct spoofing attacks. A...

CVSS 5.9 | AI score 7.3 | EPSS 0.00149
Exploits: 0 | References: 2
NVD
added 2024/08/14 6:15 p.m. | 29 views

CVE-2023-50314

IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.8 could allow an attacker with access to the network to conduct spoofing attacks. An attacker could exploit this vulnerability using a certificate issued by a trusted authority to obtain sensitive information. IBM X-Force ID: 274713...

CVSS 7.5 | EPSS 0.00097
Exploits: 0 | References: 2
CVE
added 2024/08/14 5:22 p.m. | 91 views

CVE-2023-50314

CVE-2023-50314 impacts IBM WebSphere Application Server Liberty versions 17.0.0.3 through 24.0.0.8. The IBM bulletin notes an attacker with network access could perform spoofing and obtain sensitive information by exploiting improper certificate validation using a certificate from a trusted CA. A...

CVSS 7.5 | AI score 5 | EPSS 0.00097
Exploits: 0 | References: 2 | Affected Software: 1
Vulnrichment
added 2024/08/14 5:22 p.m. | 16 views

CVE-2023-50314 IBM WebSphere Application Server Liberty information disclosure

IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.8 could allow an attacker with access to the network to conduct spoofing attacks. An attacker could exploit this vulnerability using a certificate issued by a trusted authority to obtain sensitive information. IBM X-Force ID: 274713...

CVSS 5.3 | AI score 6.1 | EPSS 0.00097
Exploits: 0 | References: 2
NVD
added 2024/08/14 5:15 p.m. | 12 views

CVE-2023-50315

IBM WebSphere Application Server 8.5 and 9.0 could allow an attacker with access to the network to conduct spoofing attacks. An attacker could exploit this vulnerability using a certificate issued by a trusted authority to obtain sensitive information. IBM X-Force ID: 274714...

CVSS 5.9 | EPSS 0.00149
Exploits: 0 | References: 2
Cvelist
added 2024/08/14 5:4 p.m. | 22 views

CVE-2023-50315 IBM WebSphere Application Server information disclosure

IBM WebSphere Application Server 8.5 and 9.0 could allow an attacker with access to the network to conduct spoofing attacks. An attacker could exploit this vulnerability using a certificate issued by a trusted authority to obtain sensitive information. IBM X-Force ID: 274714...

CVSS 5.3 | EPSS 0.00149
Exploits: 0 | References: 2
CVE
added 2024/08/14 5:4 p.m. | 71 views

CVE-2023-50315

CVE-2023-50315 affects IBM WebSphere Application Server 8.5 and 9.0. The provided documents describe an information disclosure risk via spoofing attacks where an attacker with network access could leverage a certificate from a trusted authority to obtain sensitive data. The issue is tied to impro...

CVSS 5.9 | AI score 5 | EPSS 0.00149
Exploits: 0 | References: 2 | Affected Software: 1
IBM Security Bulletins
added 2024/08/14 3:53 p.m. | 27 views

Security Bulletin: IBM WebSphere Application Server Liberty is vulnerable to information disclosure (CVE-2023-50314)

Summary IBM WebSphere Application Server Liberty is vulnerable to information disclosure. Vulnerability Details CVEID:CVE-2023-50314 DESCRIPTION: IBM WebSphere Application Server Liberty could allow an attacker with access to the network to conduct spoofing attacks. An attacker could exploit this...

CVSS 7.5 | AI score 6 | EPSS 0.00097
Exploits: 0 | Affected Software: 1
Tenable Nessus
added 2023/05/05 12:0 a.m. | 77 views

IBM WebSphere Application Server 8.5.0.0 < 8.5.5.24, 9.0.0.0 < 9.0.5.16 MitM (6987779)

The IBM WebSphere Application Server running on the remote host is affected by a man-in-the-middle vulnerability. IBM WebSphere Application Server 8.5 and 9.0, when configured to communicate with the Web Server Plug-ins for IBM WebSphere Application Server, could allow an authenticated user to...

CVSS 5.3 | AI score 5.7 | EPSS 0.00057
Exploits: 0 | References: 2
CNNVD
added 2021/06/01 12:0 a.m. | 2 views

FortiGate Trust Management Issue Vulnerability

Fortinet FortiGate is a suite of network security platforms from the American company Fortinet. The platform provides firewall, antivirus, intrusion prevention (IPS), application control, anti-spam, wireless controller and WAN acceleration features. A trust management issue vulnerability exists in...

CVSS 7.5 | AI score 7.4 | EPSS 0.00207
Exploits: 0 | References: 5
myhack58
added 2016/09/05 12:0 a.m. | 11 views

BlackHat issues resolved: Windows programs digital signature verification "vulnerability"

At this year's Black Hat conference, a foreign security researcher showed how Windows digital signatures can be used to bypass malicious code detection. A quick look through the downloaded conference slides shows the report is divided into two parts; the first part shows the...

AI score 0.3
Exploits: 0
OSV
added 2016/04/04 6:12 p.m. | 2 views

USN-2945-1 xchat-gnome vulnerability

It was discovered that XChat-GNOME incorrectly verified the hostname in an SSL certificate. An attacker could trick XChat-GNOME into trusting a rogue server's certificate, which was signed by a trusted certificate authority, to perform a machine-in-the-middle attack...

AI score 5.8
Exploits: 0 | References: 2
RedHat Linux
added 2014/03/03 6:25 p.m. | 0 views

gnutls: incorrect handling of V1 intermediate certificates

GnuTLS before 2.7.6, when the GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT flag is not enabled, treats version 1 X.509 certificates as intermediate CAs, which allows remote attackers to bypass intended restrictions by leveraging an X.509 V1 certificate from a trusted CA to issue new certificates, a different...

CVSS 5.8 | AI score 5.9 | EPSS 0.00847
Exploits: 2 | References: 4