CVE-2008-7296
Apple Safari cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS) includeSubDomains...
CVE-2025-48417 Hard-Coded Certificate and Private Key for HTTPS Web Interface in eCharge Hardy Barth cPH2 / cPP2 charging stations
The certificate and private key used for providing transport layer security for connections to the web interface on TCP port 443 are hard-coded in the firmware and are shipped with the update files. An attacker can use the private key to perform man-in-the-middle attacks against users of the admin...
Security Bulletin: AIX/VIOS is vulnerable to a denial of service due to ISC BIND
Summary Vulnerabilities in ISC BIND could allow a remote attacker to cause a denial of service (CVE-2024-12705, CVE-2024-11187). AIX uses ISC BIND as part of its DNS functions. Vulnerability Details CVEID: CVE-2024-12705 DESCRIPTION: Clients using DNS-over-HTTPS (DoH) can exhaust a DNS resolver's C...
CVE-2025-32407
CVE-2025-32407 affects Samsung Internet for Galaxy Watch, version 5.0.9 (widely deployed up to Galaxy Watch 3). The issue is improper TLS certificate validation in the browser, enabling an attacker to impersonate any visited website and potentially perform MitM attacks, with corresponding risk to...
PT-2025-21755 · Samsung · Samsung Internet For Galaxy Watch
Name of the Vulnerable Software and Affected Versions: Samsung Internet for Galaxy Watch version 5.0.9 Description: The issue is a critical misconfiguration in the way the browser validates the identity of the server, allowing an attacker to impersonate any website visited by the user. This negat...
wget security update
An update is available for wget. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The wget packages provide the GNU Wget file retrieval utility for HTTP, HTTPS, a...
RLSA-2024:3094 Moderate: perl-CPAN security update
The CPAN module is a tool to query, download and build perl modules from CPAN sites. Security Fixes: perl: CPAN.pm does not verify TLS certificates when downloading distributions over HTTPS (CVE-2023-31484). For more details about the security issues, including the impact, a CVSS score,...
GHSA-72QJ-48G4-5XGX JRuby-OpenSSL has hostname verification disabled by default
Summary When verifying SSL certificates, jruby-openssl is not verifying that the hostname presented in the certificate matches the one we are trying to connect to, meaning a MITM could just present any valid cert for a completely different domain they own, and JRuby wouldn't complain. Details n/a...
Exploit for CVE-2025-1974
CVE-2025-1974 IngressNightmare poc IngressNightmare Script...
SUSE CVE-2025-30194
When DNSdist is configured to provide DoH via the nghttp2 provider, an attacker can cause a denial of service by crafting a DoH exchange that triggers an illegal memory access (double-free) and crash of DNSdist, causing a denial of service. The remedy is: upgrade to the patched 1.9.9 version. A...
DEBIAN-CVE-2025-30194
When DNSdist is configured to provide DoH via the nghttp2 provider, an attacker can cause a denial of service by crafting a DoH exchange that triggers an illegal memory access (double-free) and crash of DNSdist, causing a denial of service. The remedy is: upgrade to the patched 1.9.9 version. A...
UBUNTU-CVE-2025-30194
When DNSdist is configured to provide DoH via the nghttp2 provider, an attacker can cause a denial of service by crafting a DoH exchange that triggers an illegal memory access (double-free) and crash of DNSdist, causing a denial of service. The remedy is: upgrade to the patched 1.9.9 version. A...
DNSdist security vulnerability
DNSdist is a highly DNS-, DoS- and abuse-aware load balancer from the DNSdist open source project. A security vulnerability exists in DNSdist that stems from a double free triggered by the nghttp2 provider when processing DoH exchanges, which could lead to a denial of service...
CVE-2021-47662 Unauthenticated remote shutdown of the cobot
Due to missing authorization an unauthenticated remote attacker can cause a DoS attack by connecting via HTTPS and triggering the shutdown button...
CVE-2021-47662
CVE-2021-47662 is associated with Franka Emika Robot. The vulnerability arises from missing authorization, enabling an unauthenticated remote attacker to trigger a shutdown button over HTTPS and cause a denial-of-service. Connected sources confirm the issue affects the Franka Emika Robot hardware...
Malicious code in https-agen-chii (npm)
PT-2025-17675 · Ibm · Ibm Infosphere Information Server
Name of the Vulnerable Software and Affected Versions: IBM InfoSphere Information Server version 11.7 Description: The issue concerns the transmission of sensitive information via URL or query parameters, which could be exposed to an unauthorized actor using man-in-the-middle techniques...
The vulnerability of the HTTPS protocol implementation in ConneXium Network Manager’s software for network management allows a perpetrator to carry out a “man-in-the-middle” attack.
The vulnerability of the HTTPS protocol implementation in ConneXium Network Manager software relates to the use of files and directories accessible to external parties. Exploiting this vulnerability could allow a malicious actor to carry out a “man-in-the-middle” attack...
CVE-2020-36845
The KnowBe4 Security Awareness Training application before 2020-01-10 contains a redirect function that does not validate the destination URL before redirecting. The response has a SCRIPT element that sets window.location.href to an arbitrary https URL...