EUVD-2022-36028

Malicious code in bioql PyPI...

FortiAnalyzer & FortiManager - Lack of client-side certificate validation when establishing secure connections with FortiGuard to download outbreakalert

An improper certificate validation vulnerability CWE-295 in FortiAnalyzer and FortiManager may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the device and the remote FortiGuard server hosting outbreakalert ressources...

CVE-2022-32960

HiCOS’ client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for card number. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code, manipulate...

CVE-2022-29229 Missing Cryptographic Step in cassproject

CaSS is a Competency and Skills System. CaSS Library, npm:cassproject has a missing cryptographic step when storing cryptographic keys that can allow a server administrator access to an account’s cryptographic keys. This affects CaSS servers using standalone username/password authentication, whic...

CVE-2019-1859

A vulnerability in the Secure Shell SSH authentication process of Cisco Small Business Switches software could allow an attacker to bypass client-side certificate authentication and revert to password authentication. The vulnerability exists because OpenSSH mishandles the authentication process. ...

CVE-2019-1859

A vulnerability in the Secure Shell SSH authentication process of Cisco Small Business Switches software could allow an attacker to bypass client-side certificate authentication and revert to password authentication. The vulnerability exists because OpenSSH mishandles the authentication process. ...

Design/Logic Flaw

A vulnerability in the Secure Shell SSH authentication process of Cisco Small Business Switches software could allow an attacker to bypass client-side certificate authentication and revert to password authentication. The vulnerability exists because OpenSSH mishandles the authentication process. ...

CVE-2019-1859 Cisco Small Business Switches Secure Shell Certificate Authentication Bypass Vulnerability

A vulnerability in the Secure Shell SSH authentication process of Cisco Small Business Switches software could allow an attacker to bypass client-side certificate authentication and revert to password authentication. The vulnerability exists because OpenSSH mishandles the authentication process. ...