SUSE CVE-2026-26994

uTLS is a fork of crypto/tls, created to customize ClientHello for fingerprinting resistance while still using it for the handshake. In versions 1.6.7 and below, uTLS did not implement the TLS 1.3 downgrade protection mechanism specified in RFC 8446 Section 4.1.3 when using a uTLS ClientHello spe...

CVE-2022-38956

An exploitable firmware downgrade vulnerability was discovered on the Netgear WPN824EXT WiFi Range Extender. An attacker can conduct a MITM attack to replace the user-uploaded firmware image with an original old firmware image. This affects Firmware 1.1.11.1.9 and earlier...

CVE-2025-43522

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.3, macOS Tahoe 26.2. An app may be able to access user-sensitive data...

CVE-2025-44018

A firmware downgrade vulnerability exists in the OTA Update functionality of GL-Inet GL-AXT1800 4.7.0. A specially crafted .tar file can lead to a firmware downgrade. An attacker can perform a man-in-the-middle attack to trigger this vulnerability...

DEBIAN-CVE-2025-11934

Improper input validation in the TLS 1.3 CertificateVerify signature algorithm negotiation in wolfSSL 5.8.2 and earlier on multiple platforms allows for downgrading the signature algorithm used. For example when a client sends ECDSA P521 as the supported signature algorithm the server previously...

CVE-2025-11934 Improper Validation of Signature Algorithm Used in TLS 1.3 CertificateVerify

Improper input validation in the TLS 1.3 CertificateVerify signature algorithm negotiation in wolfSSL 5.8.2 and earlier on multiple platforms allows for downgrading the signature algorithm used. For example when a client sends ECDSA P521 as the supported signature algorithm the server previously...

CVE-2025-43468

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Tahoe 26.1, macOS Sonoma 14.8.2. An app may be able to access sensitive user data...

EUVD-2018-15619

Malware in sbrugna...

EUVD-2020-20160

Malware in sbrugna...

EUVD-2020-20159

Malware in sbrugna...

EUVD-2019-14763

Malware in sbrugna...

EUVD-2018-15677

Malware in sbrugna...

EUVD-2022-41503

Malicious code in bioql PyPI...

EUVD-2025-29615

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-57804

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - h2 is a pure-Python implementation of a HTTP/2 protocol stack. Prior to version 4.3.0, an HTTP/2 request splitting vulnerability allows attackers to perform...

Linux Distros Unpatched Vulnerability : CVE-2019-10191

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was discovered in DNS resolver of knot resolver before version 4.1.0 which allows remote attackers to downgrade DNSSEC-secure domains to...

Linux Distros Unpatched Vulnerability : CVE-2019-16791

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In postfix-mta-sts-resolver before 0.5.1, All users can receive incorrect response from daemon under rare conditions, rendering downgrade of effective STS polic...

CVE-2025-57804 h2 allows HTTP Request Smuggling due to illegal characters in headers

h2 is a pure-Python implementation of a HTTP/2 protocol stack. Prior to version 4.3.0, an HTTP/2 request splitting vulnerability allows attackers to perform request smuggling attacks by injecting CRLF characters into headers. This occurs when servers downgrade HTTP/2 requests to HTTP/1.1 without...

PT-2025-34549 · Undefined · Undefined

CVE-2023-3948 - CVE-2021-4034: Cisco ASA SSL/TLS Downgrade Vulnerability CVE ID : CVE-2023-3948 Published : Aug. 21, 2025, 11:15 p.m. | 1 hour ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more...

CVE-2025-8321

Tesla Wall Connector Firmware Downgrade Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Tesla Wall Connector devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...