pgjdbc: pgjdbc insecure authentication in channel binding

A connection handling flaw was found in the pgjdbc connection driver in configurations that require channel binding. Connections created with authentication methods that should not allow channel binding permit connections to use channel binding. This flaw allows attackers to position themselves i...

CVE-2019-19097

ABB eSOMS versions 4.0 to 6.0.3 accept connections using medium strength ciphers. If a connection is enabled using such a cipher, an attacker might be able to eavesdrop and/or intercept the connection...

CVE-2017-2857

CVE-2017-2857 is a buffer overflow in the Foscam C1 Indoor HD Camera DDNS client when DDNS is enabled (notably 9299.org). The vulnerability arises in the DDNS update path: the code parses the response to extract the IP address after the “Current IP Address:” string without enforcing input size bo...

Network protocols security: View from client side

Security of Common Application Network Protocols: A Client's Perspective Having received an offer to write an article about the security of network protocols and their vulnerabilities, at first I wanted to refuse - it seems that everything that can be written on this topic has already been writte...

PT-2003-2252 · Apache +2 · Apache Http Server +2

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server with mod php module affected versions not specified Description: The mod php module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server's process group and use the...