CVE-2026-32105

A flaw was found in xrdp, an open-source Remote Desktop Protocol RDP server. When using the "Classic RDP Security" layer, xrdp fails to verify the Message Authentication Code MAC signature of encrypted RDP packets. This oversight allows an unauthenticated attacker with man-in-the-middle MITM...

The Digital Transformation Age Is Dawning: Do You Know Where Your Certificates Are?

How many digital certificates are in use in your organization? When do they expire? Do you have a way of discovering digital certificates from unapproved Certificate Authorities? Most organizations can't answer these questions with complete certainty, because they lack the necessary visibility an...

Gratipay: Insecure Transportation Security Protocol Supported (TLS 1.0)

Description: Its observed that that insecure transportation security protocol TLS 1.0 is supported by your web server. TLS 1.0 has several flaws. An attacker can cause connection failures and they can trigger the use of TLS 1.0 to exploit vulnerabilities like BEAST. Websites using TLS 1.0 will be...

SSH connections using RC4 and password authentication can be replayed

Overview This vulnerability may allow an attacker to replay a captured SSH1 session. Description Preconditions: Client requests RC4 and the server grants request Client uses password authentication When an SSH1 session using the RC4 cipher is established, the client and server agree upon a sessio...