42 matches found

OSV
added 2026/02/03 7:16 p.m., 0 views

CVE-2025-52631

HCL AION is affected by a Missing or Insecure HTTP Strict-Transport-Security (HSTS) Header vulnerability. This can allow insecure connections, potentially exposing the application to man-in-the-middle and protocol downgrade attacks. This issue affects AION: 2.0...

CVSS 8.1, AI score 5.8, EPSS 0.00045
Exploits: 0, References: 1

NVD
added 2026/02/03 7:16 p.m., 3 views

CVE-2025-52631

HCL AION is affected by a Missing or Insecure HTTP Strict-Transport-Security (HSTS) Header vulnerability. This can allow insecure connections, potentially exposing the application to man-in-the-middle and protocol downgrade attacks. This issue affects AION: 2.0...

CVSS 8.1, EPSS 0.00045
Exploits: 0, References: 1

EUVD
added 2026/02/03 6:16 p.m., 3 views

EUVD-2025-206680

HCL AION is affected by a Missing or Insecure HTTP Strict-Transport-Security (HSTS) Header vulnerability. This can allow insecure connections, potentially exposing the application to man-in-the-middle and protocol downgrade attacks. This issue affects AION: 2.0...

CVSS 3.7, AI score 5.4, EPSS 0.00045
Exploits: 0, References: 1

Vulnrichment
added 2026/02/03 6:16 p.m., 4 views

CVE-2025-52631 HCL AION is affected by a Missing or Insecure HTTP Strict-Transport-Security (HSTS) Header vulnerability.

HCL AION is affected by a Missing or Insecure HTTP Strict-Transport-Security (HSTS) Header vulnerability. This can allow insecure connections, potentially exposing the application to man-in-the-middle and protocol downgrade attacks. This issue affects AION: 2.0...

CVSS 3.7, AI score 5.4, EPSS 0.00045
Exploits: 0, References: 1

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2017-14859

Malware in sbrugna...

CVSS 5.8, AI score 5.5, EPSS 0.00366
Exploits: 0, References: 2

EUVD
added 2025/10/07 12:30 a.m., 1 view

EUVD-2017-14861

Malware in sbrugna...

CVSS 6.5, AI score 6.6, EPSS 0.00471
Exploits: 0, References: 2

EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2023-36986

Malicious code in bioql PyPI...

CVSS 5.3, AI score 5.8, EPSS 0.00137
Exploits: 0, References: 4

EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2022-37424

Malicious code in bioql PyPI...

CVSS 8.8, AI score 8.5, EPSS 0.00156
Exploits: 0, References: 3

RedhatCVE
added 2025/05/22 9:54 p.m., 4 views

CVE-2022-34469

When a TLS Certificate error occurs on a domain protected by the HSTS header, the browser should not allow the user to bypass the certificate error. On Firefox for Android, the user was presented with the option to bypass the error; this could only have been done by the user explicitly. This bug...

CVSS 8.8, AI score 8.8, EPSS 0.00156
Exploits: 0, References: 1

OSV
added 2024/11/06 8:15 a.m., 1 view

AZL-52426 CVE-2024-9681 affecting package mysql for versions less than 8.0.40-3

When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's cache entry, making it end sooner or later than otherwise intended. This affects curl using applications that enable HSTS and use URLs with the insecure HTTP:// scheme and perform transfers with host...

CVSS 6.5, AI score 6.7, EPSS 0.00745
Exploits: 1, References: 1

OpenVAS
added 2024/03/04 12:0 a.m., 23 views

openSUSE: Security Advisory for qt6 (SUSE-SU-2023:3380-1)

The remote host is missing an update for the...

CVSS 7.5, AI score 7, EPSS 0.00137
Exploits: 0, References: 2

Citrix
added 2023/08/16 12:0 a.m., 4 views

How to delete duplicate HSTS header

Explains how to eliminate the duplicate HSTS header. Duplicated header: HSTS. Why? It could come from a backend server and also be applied from the ADC Vserver configuration, so we need to decide which header to keep. In this case, the client wants to delete the HSTS header coming from the server...

AI score 7
Exploits: 0

Tenable Nessus
added 2023/08/09 12:0 a.m., 24 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : qt6-base (SUSE-SU-2023:3225-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3225-1 advisory. - Qt before 6.4.3 allows a denial of service via a crafted string when the SQL ODBC driver plugi...

CVSS 7.5, AI score 7.1, EPSS 0.00354
Exploits: 0, References: 16

OSV
added 2023/07/28 7:26 p.m., 4 views

SUSE-SU-2023:3018-1 Security update for libqt5-qtbase

This update for libqt5-qtbase fixes the following issues: - CVE-2023-34410: Fixed certificate validation does not always consider whether the root of a chain is a configured CA certificate bsc1211994. - CVE-2023-33285: Fixed buffer overflow in QDnsLookup bsc1211642. - CVE-2023-32762: Fixed Qt...

CVSS 7.5, AI score 7, EPSS 0.00354
Exploits: 0, References: 11

OSV
added 2023/07/01 11:5 a.m., 1 view

OESA-2023-1387 qt5-qtbase security update

Qt is a software toolkit for developing applications. Security Fixes: An issue was discovered in Qt before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. Qt Network incorrectly parses the strict-transport-security HSTS header, allowing unencrypted connections to be established,...

CVSS 7.5, AI score 7.4, EPSS 0.00137
Exploits: 0, References: 3

Veracode
added 2023/06/04 7:34 p.m., 40 views

Insecure Handling Of Strict-Transport-Security Header

qt6-qtbase is vulnerable to Insecure Handling of Strict-Transport-Security Header. The vulnerability occurs because Qt Network incorrectly parses the Strict-Transport-Security HSTS header, which can result in unencrypted connections being established even when the server explicitly prohibits them...

CVSS 5.3, AI score 6.8, EPSS 0.00137
Exploits: 0, References: 6, Affected Software: 2

OSV
added 2023/05/31 6:41 a.m., 8 views

MGASA-2023-0190 Updated qtbase5 packages fix security vulnerability

Qt Network incorrectly parses the strict-transport-security HSTS header, allowing unencrypted connections to be established, even when explicitly prohibited by the server. This happens if the case used for this header does not exactly match. CVE-2023-32762 QTextLayout buffer overflow in SVG file...

CVSS 7.5, AI score 6.4, EPSS 0.00137
Exploits: 0, References: 3

SUSE CVE
added 2023/05/30 2:22 a.m., 1 view

SUSE CVE-2023-32762

An issue was discovered in Qt before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. Qt Network incorrectly parses the strict-transport-security HSTS header, allowing unencrypted connections to be established, even when explicitly prohibited by the server. This happens if the cas...

CVSS 5.3, AI score 8.6, EPSS 0.00137
Exploits: 0, References: 8

ATTACKERKB
added 2023/05/28 11:15 p.m., 3 views

CVE-2023-32762

An issue was discovered in Qt before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. Qt Network incorrectly parses the strict-transport-security HSTS header, allowing unencrypted connections to be established, even when explicitly prohibited by the server. This happens if the cas...

CVSS 5.3, AI score 6.4, EPSS 0.00137
Exploits: 0, References: 5

OSV
added 2023/05/28 11:15 p.m., 2 views

DEBIAN-CVE-2023-32762

An issue was discovered in Qt before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. Qt Network incorrectly parses the strict-transport-security HSTS header, allowing unencrypted connections to be established, even when explicitly prohibited by the server. This happens if the cas...

CVSS 5.3, AI score 5.5, EPSS 0.00137
Exploits: 0, References: 1