6 matches found
EUVD-2024-35241
Malicious code in bioql PyPI...
EUVD-2024-17257
Malicious code in bioql PyPI...
CVE-2024-35210
A vulnerability has been identified in SINEC Traffic Analyzer 6GK8822-1BG01-0BA0 All versions V1.2. The affected web server is not enforcing HSTS. This could allow an attacker to perform downgrade attacks exposing confidential information...
CVE-2024-1509
Brocade ASCG before 3.2.0 Web Interface is not enforcing HSTS, as defined by RFC 6797. HSTS is an optional response header that can be configured on the server to instruct the browser to only communicate via HTTPS. The lack of HSTS allows downgrade attacks, SSL-stripping man-in-the-middle attacks...
CVE-2024-35210
A vulnerability has been identified in SINEC Traffic Analyzer 6GK8822-1BG01-0BA0 All versions V1.2. The affected web server is not enforcing HSTS. This could allow an attacker to perform downgrade attacks exposing confidential information...
Weblate: Incorrect HTTPS Certificate
Weblate appears to have a public-facing git repository located at git.weblate.org that utilises HTTPS when viewed in the browser. As a side note, netcat to port 80 results in the default Debian landing page. 77.78.107.252 - git.weblate.org The site has an incorrectly configured certificate, and...