EUVD-2023-58314

Malicious code in bioql PyPI...

EUVD-2023-53522

Malicious code in bioql PyPI...

EUVD-2023-58312

Malicious code in bioql PyPI...

EUVD-2023-53523

Malicious code in bioql PyPI...

CVE-2023-49570

A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software trusts a certificate issued by an entity that isn't authorized to issue certificates. This occurs when the "Basic Constraints" extension in the certificate indicates that it is meant ...

CVE-2023-49567

A vulnerability has been identified in the Bitdefender Total Security HTTPS scanning functionality where the product incorrectly checks the site's certificate, which allows an attacker to make MITM SSL connections to an arbitrary site. The product trusts certificates that are issued using the MD5...

CVE-2023-6056

A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality that results in the improper trust of self-signed certificates. The product is found to trust certificates signed with the RIPEMD-160 hashing algorithm without proper validation, allowing an attacker to...

CVE-2023-6055

A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software fails to properly validate website certificates. Specifically, if a site certificate lacks the "Server Authentication" specification in the Extended Key Usage extension, the product...

CVE-2023-6057

A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality that results in the improper trust of certificates issued using the DSA signature algorithm. The product does not properly check the certificate chain, allowing an attacker to establish MITM SSL...

CVE-2023-6056

A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality that results in the improper trust of self-signed certificates. The product is found to trust certificates signed with the RIPEMD-160 hashing algorithm without proper validation, allowing an attacker to...

CVE-2023-6055

A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software fails to properly validate website certificates. Specifically, if a site certificate lacks the "Server Authentication" specification in the Extended Key Usage extension, the product...

CVE-2023-49570 Insecure Trust of Basic Constraints certificate in Bitdefender Total Security HTTPS Scanning (VA-11210)

A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software trusts a certificate issued by an entity that isn't authorized to issue certificates. This occurs when the "Basic Constraints" extension in the certificate indicates that it is meant ...

CVE-2023-49570

CVE-2023-49570 affects Bitdefender Total Security through HTTPS scanning trust management. The flaw arises when the product trusts a certificate whose Basic Constraints mark it as an End Entity, enabling potential MITM where an attacker could intercept and possibly modify traffic between a user a...

CVE-2023-49570 Insecure Trust of Basic Constraints certificate in Bitdefender Total Security HTTPS Scanning (VA-11210)

A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software trusts a certificate issued by an entity that isn't authorized to issue certificates. This occurs when the "Basic Constraints" extension in the certificate indicates that it is meant ...

CVE-2023-49567 Insecure Trust of certificates using collision hash functions in Bitdefender Total Security HTTPS Scanning (VA-11239)

A vulnerability has been identified in the Bitdefender Total Security HTTPS scanning functionality where the product incorrectly checks the site's certificate, which allows an attacker to make MITM SSL connections to an arbitrary site. The product trusts certificates that are issued using the MD5...

CVE-2023-49567

The CVE concerns Bitdefender Total Security HTTPS scanning that incorrectly validates site certificates, allowing MITM SSL connections. Affected software: Bitdefender Total Security (HTTPS scanning component). Root cause: trust of certificates issued using MD5 and SHA1 collision hash functions en...

CVE-2023-6057 Insecure Trust of DSA-Signed Certificates in Bitdefender Total Security HTTPS Scanning (VA-11166)

A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality that results in the improper trust of certificates issued using the DSA signature algorithm. The product does not properly check the certificate chain, allowing an attacker to establish MITM SSL...

CVE-2023-6057 Insecure Trust of DSA-Signed Certificates in Bitdefender Total Security HTTPS Scanning (VA-11166)

A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality that results in the improper trust of certificates issued using the DSA signature algorithm. The product does not properly check the certificate chain, allowing an attacker to establish MITM SSL...

CVE-2023-6056 Insecure Trust of Self-Signed Certificates in Bitdefender Total Security HTTPS Scanning (VA-11164)

A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality that results in the improper trust of self-signed certificates. The product is found to trust certificates signed with the RIPEMD-160 hashing algorithm without proper validation, allowing an attacker to...

CVE-2023-6056 Insecure Trust of Self-Signed Certificates in Bitdefender Total Security HTTPS Scanning (VA-11164)

A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality that results in the improper trust of self-signed certificates. The product is found to trust certificates signed with the RIPEMD-160 hashing algorithm without proper validation, allowing an attacker to...