4 matches found
PT-2021-20922 · Openvpn · Openvpn 3 Core Library
Name of the Vulnerable Software and Affected Versions: OpenVPN 3 Core Library versions 3.6 through 3.6.1 Description: The issue allows a man-in-the-middle attacker to bypass the certificate authentication by issuing an unrelated server certificate using the same hostname found in the...
USN-4433-1 openjdk-lts vulnerabilities
Johannes Kuhn discovered that OpenJDK incorrectly handled access control contexts. An attacker could possibly use this issue to execute arbitrary code. CVE-2020-14556 It was discovered that OpenJDK incorrectly handled memory allocation when reading TIFF image files. An attacker could possibly use...
CVE-2012-2500
Cisco AnyConnect Secure Mobility Client 3.0 before 3.0.08057 does not verify the certificate name in an X.509 certificate during WebLaunch of IPsec, which allows man-in-the-middle attackers to spoof servers via a crafted certificate, aka Bug ID CSCtz29470...
Cisco AnyConnect Secure Mobility Client 3.0 < 3.0 MR8 Multiple Vulnerabilities
The remote host has a version of Cisco AnyConnect 3.0 MR8. Such versions are affected by the following vulnerabilities : - The HostScan VPN downloader implementation does not compare timestamps of offered software to install with currently installed software, which may allow remote attackers to...