16 matches found
EUVD-2016-6599
Malware in sbrugna...
EUVD-2014-6649
Malware in sbrugna...
CVE-2022-27890
It was discovered that the sls-logging was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API. A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. A successful man-in-the-middle attack wou...
BSA-2019-842
Security Advisory ID : BSA-2019-842 Component : OpenSSL Revision : 1.0: Initial OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is...
Wapiti 3.0.0 - The Web-Application Vulnerability Scanner
Wapiti allows you to audit the security of your websites or web applications. It performs "black-box" scans it does not study the source code of the web application by crawling the webpages of the deployed webapp, looking for scripts and forms where it can inject data. Once it gets the list of...
PT-2017-13465 · D Link · D-Link Dir-850L
Name of the Vulnerable Software and Affected Versions: D-Link DIR-850L REV. A versions through FW114WWb07 h2ab beta1 D-Link DIR-850L REV. B versions through FW208WWb02 Description: The issue concerns the D-Link NPAPI extension, which fails to verify X.509 certificates from SSL servers. This allow...
CVE-2016-4832
WAON "Service Application" for Android 1.4.1 and earlier does not verify SSL certificates...
CVE-2016-1132
Shoplat App for iOS 1.10.00 through 1.18.00 does not properly verify SSL certificates...
LaLa Call App for Android fails to verify SSL server certificates
Overview LaLa Call App for Android provided by K-Opticom Corporation fails to verify SSL server certificates. Yuto Iso of NTT Security Japan KK reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A...
Information disclosure
The U by BB&T app 1.5.4 and earlier for iOS does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
KLA10877 Multiple vulnerabilities in iTunes
Multiple serious vulnerabilities have been found in Apple iTunes. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, bypass security restrictions or obtain sensitive information. Below is a complete list of vulnerabilities 1. Multiple unknown...
CVE-2014-7793
The CB - Calciatori Brutti aka com.calciatori.brutti application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-7478
The nashaplaneta.su aka com.wNashaPlaneta application 1.02 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-6646
The bellyhoodcom aka com.tapatalk.bellyhoodcom application 3.4.23 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-5792
The Reign of Dragons: Build-Battle aka net.gree.android.pf.greeapp57501 application 2.4.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-5716
The GUNSHIP BATTLE : Helicopter 3D aka com.theonegames.gunshipbattle application 1.1.7 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...