8 matches found
EUVD-2025-29191
Malicious code in bioql PyPI...
CVE-2025-50944
An issue was discovered in the method push.lite.avtech.com.MySSLSocketFactoryNew.checkServerTrusted in AVTECH EagleEyes 2.0.0. The custom X509TrustManager used in checkServerTrusted only checks the certificate's expiration date, skipping proper TLS chain validation...
CVE-2025-50944
An issue was discovered in the method push.lite.avtech.com.MySSLSocketFactoryNew.checkServerTrusted in AVTECH EagleEyes 2.0.0. The custom X509TrustManager used in checkServerTrusted only checks the certificate's expiration date, skipping proper TLS chain validation...
CVE-2025-50944
CVE-2025-50944 affects AVTECH EagleEyes 2.0.0. The vulnerability is in push.lite.avtech.com.MySSLSocketFactoryNew.checkServerTrusted where a custom X509TrustManager only checks certificate expiration date and does not perform proper TLS chain validation, enabling potential MITM or improper trust ...
Secure Hub 10.5 : Enrollment fails with error : "Can't enroll device- WorxHome cannot enroll device because it failed to establish a secure connection with server"
Using an older Secure Hub version confirmed on 10.5, 10.6.0, enrollment fails right after enrollment URL without being able to get to authentication screen with the following: Logs will show the following: 05-03 12:12:29.406 10851 10869 D "SecureHub": "DETAIL...
CVE-2004-1756
BEA WebLogic Server and WebLogic Express 8.1 SP2 and earlier, and 7.0 SP4 and earlier, when using 2-way SSL with a custom trust manager, may accept a certificate chain even if the trust manager rejects it, which allows remote attackers to spoof other users or servers...
BEA WebLogic Server fails to properly validate certificate chains
Overview There is a vulnerability in BEA WebLogic Server in which certificate chains rejected by the custom trust manager could still be accepted by the server. Description BEA Systems describes WebLogic Server as "an industrial-strength application infrastructure for developing, integrating,...
CVE-2004-1756
BEA WebLogic Server and WebLogic Express 8.1 SP2 and earlier, and 7.0 SP4 and earlier, when using 2-way SSL with a custom trust manager, may accept a certificate chain even if the trust manager rejects it, which allows remote attackers to spoof other users or servers...