24 matches found
CVE-2026-15925
Improper TLS hostname verification in Snowflake Connector for Python versions prior to 4.7.1 and 3.18.1 may have allowed a network-positioned attacker to bypass certificate hostname validation on HTTPS connections made by the connector. An attacker with on-path network access could exploit this b...
netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass
A flaw was found in Netty, a network application framework. This vulnerability allows a remote attacker to bypass hostname verification due to improper handling of user-supplied trust managers. When a client is configured with a plain X.509 Trust Manager X509TrustManager, it fails to perform...
netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass
A flaw was found in Netty, a network application framework. This vulnerability allows a remote attacker to bypass hostname verification due to improper handling of user-supplied trust managers. When a client is configured with a plain X.509 Trust Manager X509TrustManager, it fails to perform...
Important: Red Hat Security Advisory: Red Hat build of Quarkus 3.33.2.SP1 security update
An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more informatio...
Improper Certificate Validation
Netty is vulnerable to Improper Certificate Validation. The vulnerability is due to improper wrapping of user-supplied X509TrustManager instances that bypasses hostname verification during TLS certificate validation, which allows an attacker to perform man-in-the-middle attacks using certificates...
CVE-2026-50010
A flaw was found in Netty, a network application framework. This vulnerability allows a remote attacker to bypass hostname verification due to improper handling of user-supplied trust managers. When a client is configured with a plain X.509 Trust Manager X509TrustManager, it fails to perform...
cve-2026-41714 - MEDIUM - In Spring AMQP the `RabbitConnectionFactoryBean.setUri("amqps://...")` bypasses secure SSL setup, uses `TrustEverythingTrustManager`
cve-2026-41714 - MEDIUM - In Spring AMQP the RabbitConnectionFactoryBean.setUri"amqps://..." bypasses secure SSL setup, uses TrustEverythingTrustManager...
CVE-2026-24281 Apache ZooKeeper: Reverse-DNS fallback enables hostname verification bypass in ZooKeeper ZKTrustManager
Hostname verification in Apache ZooKeeper ZKTrustManager falls back to reverse DNS PTR when IP SAN validation fails, allowing attackers who control or spoof PTR records to impersonate ZooKeeper servers or clients with a valid certificate for the PTR name. It's important to note that attacker must...
Apache Ranger Vulnerable to Improper Validation of Certificate with Host Mismatch
Hostname verification bypass issue in Apache Ranger NiFiRegistryClient/NiFiClient is reported in Apache Ranger versions = 2.7.0. Users are recommended to upgrade to version 2.8.0, which fixes this issue...
CVE-2025-59060 Apache Ranger: Hostname verification bypass in NiFiRegistryClient and NifiClient
Hostname verification bypass issue in Apache Ranger NiFiRegistryClient/NiFiClient is reported in Apache Ranger versions = 2.7.0. Users are recommended to upgrade to version 2.8.0, which fixes this issue...
CVE-2025-59060
Hostname verification bypass issue in Apache Ranger NiFiRegistryClient/NiFiClient is reported in Apache Ranger versions = 2.7.0. Users are recommended to upgrade to version 2.8.0, which fixes this issue...
CVE-2025-59060
Summary: CVE-2025-59060 describes a hostname verification bypass in Apache Ranger’s NiFiRegistryClient/NiFiClient. The issue is reported for Apache Ranger versions ≤ 2.7.0 and is fixed by upgrading to version 2.8.0. Affected components: NiFiRegistryClient and NiFiClient within Apache Ranger. Root...
CVE-2025-59060 Apache Ranger: Hostname verification bypass in NiFiRegistryClient and NifiClient
Hostname verification bypass issue in Apache Ranger NiFiRegistryClient/NiFiClient is reported in Apache Ranger versions = 2.7.0. Users are recommended to upgrade to version 2.8.0, which fixes this issue...
PT-2026-22729
Name of the Vulnerable Software and Affected Versions Apache Ranger versions prior to 2.8.0 Description A hostname verification bypass issue exists in Apache Ranger NiFiRegistryClient/NiFiClient. This issue allows bypassing hostname verification. Recommendations Upgrade to version 2.8.0...
MiracleLinux 7 : rh-nodejs12-nodejs-12.18.2-1.el7 (AXSA:2020-219:03)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-219:03 advisory. ICU: Integer overflow in UnicodeString::doAppend CVE-2020-10531 nghttp2: overly large SETTINGS frames can lead to DoS CVE-2020-11080 nodejs-minimist:...
EUVD-2025-29188
Malicious code in bioql PyPI...
AVTECH EagleEyes 安全漏洞
AVTECH EagleEyes is a remote instant monitoring mobile application from AVTECH, a Taiwan, China-based company. A security vulnerability exists in AVTECH EagleEyes version 2.0.0, which originates from setting ALLOWALLHOSTNAMEVERIFIER to bypass domain name authentication, which could lead to a...
CVE-2025-7395
A certificate verification error in wolfSSL when building with the WOLFSSLSYSCACERTS and WOLFSSLAPPLENATIVECERTVALIDATION options results in the wolfSSL client failing to properly verify the server certificate's domain name, allowing any certificate issued by a trusted CA to be accepted regardles...
Mageia: Security Advisory (MGASA-2014-0557)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 8 : nodejs:12 (CESA-2020:2852)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:2852 advisory. - nghttp2: overly large SETTINGS frames can lead to DoS CVE-2020-11080 - nodejs-minimist: prototype pollution allows adding or modifying properties of...