GO-2026-4414 Alist has Insecure TLS Config in github.com/alist-org/alist

Alist has Insecure TLS Config in github.com/alist-org/alist...

CVE-2023-4331

Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration that support obsolete and vulnerable TLS protocols...

EUVD-2023-54196

Malicious code in bioql PyPI...

EUVD-2023-54191

Malicious code in bioql PyPI...

User Impersonation

Overview Affected versions of this package are vulnerable to User Impersonation due to insufficient authentication checks in the client and server processes. An attacker can gain unauthorized access to sensitive data by establishing a connection without proper certificate validation or...

Insecure TLS Configuration

aws-cdk-lib is vulnerable to Insecure TLS configuration. The vulnerability is due to the tls.connect method setting rejectUnauthorized: false by default, which allows connections to unauthorized OIDC providers without verification. This could potentially allow attackers to exploit insecure...

EulerOS 2.0 SP10 : perl (EulerOS-SA-2023-2795)

According to the versions of the perl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users...

EulerOS Virtualization 2.11.0 : perl (EulerOS-SA-2023-3077)

According to the versions of the perl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuratio...

EulerOS Virtualization 2.9.0 : perl (EulerOS-SA-2023-2993)

According to the versions of the perl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuratio...

EulerOS Virtualization 2.10.0 : perl-HTTP-Tiny (EulerOS-SA-2023-2944)

According to the versions of the perl-HTTP-Tiny package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS...

EulerOS Virtualization 2.9.1 : perl-HTTP-Tiny (EulerOS-SA-2023-2968)

According to the versions of the perl-HTTP-Tiny package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS...

EulerOS 2.0 SP9 : perl-HTTP-Tiny (EulerOS-SA-2023-2595)

According to the versions of the perl-HTTP-Tiny package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration wher...

Insecure TLS Configuration

wolfssl uses Insecure TLS Configuration. When generating the session master secret, the IKM value is utilized as a default predictable buffer, which may compromise the key and make it possible for listeners to reconstruct it. This could provide access to alteration of the contents of session...

CVE-2023-31486

HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates...