CVE-2024-20408

A vulnerability in the Dynamic Access Policies DAP feature of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, remote attacker to cause an affected device to reload unexpectedly. To exploit this vulnerability, an attacker...

Cisco Adaptive Security Appliance and Firepower Threat Defense Software Dynamic Access Policies Denial of Service Vulnerability

A vulnerability in the Dynamic Access Policies DAP feature of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, remote attacker to cause an affected device to reload unexpectedly. To exploit this vulnerability, an attacker...

PT-2024-7457 · Cisco · Cisco Asa +1

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software affected versions not specified Cisco Firepower Threat Defense FTD Software affected versions not specified Description: The issue is related to improper validation of data in HTTPS POST requests...

[SECURITY] Fedora 40 Update: rust-hyper-rustls-0.27.3-1.fc40

Rustls+hyper integration for pure rust HTTPS...

[SECURITY] Fedora 39 Update: rust-hyper-rustls-0.27.3-1.fc39

Rustls+hyper integration for pure rust HTTPS...

CVE-2023-49570

A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software trusts a certificate issued by an entity that isn't authorized to issue certificates. This occurs when the "Basic Constraints" extension in the certificate indicates that it is meant ...

CVE-2023-6056

A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality that results in the improper trust of self-signed certificates. The product is found to trust certificates signed with the RIPEMD-160 hashing algorithm without proper validation, allowing an attacker to...

CVE-2023-49567

A vulnerability has been identified in the Bitdefender Total Security HTTPS scanning functionality where the product incorrectly checks the site's certificate, which allows an attacker to make MITM SSL connections to an arbitrary site. The product trusts certificates that are issued using the MD5...

CVE-2023-6056

A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality that results in the improper trust of self-signed certificates. The product is found to trust certificates signed with the RIPEMD-160 hashing algorithm without proper validation, allowing an attacker to...

CVE-2023-6057

A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality that results in the improper trust of certificates issued using the DSA signature algorithm. The product does not properly check the certificate chain, allowing an attacker to establish MITM SSL...

CVE-2023-6055

A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software fails to properly validate website certificates. Specifically, if a site certificate lacks the "Server Authentication" specification in the Extended Key Usage extension, the product...

CVE-2023-6055

A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software fails to properly validate website certificates. Specifically, if a site certificate lacks the "Server Authentication" specification in the Extended Key Usage extension, the product...

CVE-2023-6058

A vulnerability has been identified in Bitdefender Safepay's handling of HTTPS connections. The issue arises when the product blocks a connection due to an untrusted server certificate but allows the user to add the site to exceptions, resulting in the product trusting the certificate for...

CVE-2023-49570 Insecure Trust of Basic Constraints certificate in Bitdefender Total Security HTTPS Scanning (VA-11210)

A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software trusts a certificate issued by an entity that isn't authorized to issue certificates. This occurs when the "Basic Constraints" extension in the certificate indicates that it is meant ...

CVE-2023-49570

CVE-2023-49570 affects Bitdefender Total Security through HTTPS scanning trust management. The flaw arises when the product trusts a certificate whose Basic Constraints mark it as an End Entity, enabling potential MITM where an attacker could intercept and possibly modify traffic between a user a...

CVE-2023-49570 Insecure Trust of Basic Constraints certificate in Bitdefender Total Security HTTPS Scanning (VA-11210)

A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software trusts a certificate issued by an entity that isn't authorized to issue certificates. This occurs when the "Basic Constraints" extension in the certificate indicates that it is meant ...

CVE-2023-49567 Insecure Trust of certificates using collision hash functions in Bitdefender Total Security HTTPS Scanning (VA-11239)

A vulnerability has been identified in the Bitdefender Total Security HTTPS scanning functionality where the product incorrectly checks the site's certificate, which allows an attacker to make MITM SSL connections to an arbitrary site. The product trusts certificates that are issued using the MD5...

CVE-2023-49567

The CVE concerns Bitdefender Total Security HTTPS scanning that incorrectly validates site certificates, allowing MITM SSL connections. Affected software: Bitdefender Total Security (HTTPS scanning component). Root cause: trust of certificates issued using MD5 and SHA1 collision hash functions en...

CVE-2023-6058 HTTPS Certificate Validation Issue in Bitdefender Safepay (VA-11167)

A vulnerability has been identified in Bitdefender Safepay's handling of HTTPS connections. The issue arises when the product blocks a connection due to an untrusted server certificate but allows the user to add the site to exceptions, resulting in the product trusting the certificate for...

CVE-2023-6058 HTTPS Certificate Validation Issue in Bitdefender Safepay (VA-11167)

A vulnerability has been identified in Bitdefender Safepay's handling of HTTPS connections. The issue arises when the product blocks a connection due to an untrusted server certificate but allows the user to add the site to exceptions, resulting in the product trusting the certificate for...