21 matches found

OSV
added 2026/05/06 8:16 p.m. | 2 views

GHSA-PGH9-MPWC-8JJF Harvester's SUSE Virtualization Registration Client Vulnerable to MITM and DOS

Impact A vulnerability has been identified in the SUSE Virtualization Harvester Rancher integration mechanism where by default the registration client uses an insecure TLS option that fails to verify the remote server’s certificate. This security gap could allow the execution of a man-in-the-midd...

8.6 CVSS | 6 AI score | 0.00208 EPSS
Exploits 0 | References 2
Positive Technologies
added 2026/05/06 12:0 a.m. | 5 views

PT-2026-38260

Name of the Vulnerable Software and Affected Versions SUSE Virtualization versions prior to 1.8.0 Description A security gap exists in the SUSE Virtualization Rancher integration mechanism where the registration client uses an insecure TLS option that fails to verify the remote server's...

8.6 CVSS | 5.6 AI score | 0.00208 EPSS
Exploits 0 | References 4
RedHat Linux
added 2026/03/26 7:47 p.m. | 7 views

foreman-kubevirt: foreman_kubevirt: Man-in-the-Middle due to insecure default SSL verification

A flaw was found in foreman_kubevirt. When configuring the connection to OpenShift, the system disables SSL verification if a Certificate Authority (CA) certificate is not explicitly set. This insecure default allows a remote attacker, capable of intercepting network traffic between Satellite and...

8.1 CVSS | 5.8 AI score | 0.00254 EPSS
Exploits 0 | References 4
Tenable Nessus
added 2026/03/26 12:0 a.m. | 6 views

RHEL 9 : Satellite 6.18.4 Async Update (Important) (RHSA-2026:5968)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5968 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to...

10 CVSS | 7 AI score | 0.01377 EPSS
Exploits 3 | References 24
Snyk
added 2026/02/24 12:19 a.m. | 4 views

Improper Certificate Validation

Overview jxm is an Incredibly fast messaging backend Affected versions of this package are vulnerable to Improper Certificate Validation in the HTTPS request due to the use of 'rejectUnauthorized': false when 'jxobj.IsSecure' is true. An attacker can intercept or manipulate encrypted traffic by...

8.3 CVSS | 5.9 AI score | 0.00169 EPSS
Exploits 0 | References 2
CVE
added 2026/02/23 12:0 a.m. | 13 views

CVE-2025-70058

CVE-2025-70058 affects YMFE yapi v1.12.0. The root cause is improper TLS/SSL certificate validation caused by Axios HTTPS agent configuration that sets rejectUnauthorized to false, enabling MITM-like interception. Documented in multiple sources (YAPI-related advisories and NVD/Red Hat entries). T...

7.4 CVSS | 5.4 AI score | 0.00169 EPSS
Exploits 0 | References 3 | Affected Software 1
OSV
added 2026/02/02 11:24 p.m. | 4 views

GHSA-62RC-F4V9-H543 SageMaker Python SDK has Insecure TLS Configuration

Summary SageMaker Python SDK is an open source library for training and deploying machine learning models on Amazon SageMaker. An issue where SSL certificate verification was globally disabled in the Triton Python backend has been found. Impact Arbitrary Code Execution: Disabling SSL verification...

8.7 CVSS | 6.4 AI score | 0.00244 EPSS
Exploits 0 | References 8
GitHub Security Blog
added 2026/02/02 11:24 p.m. | 7 views

SageMaker Python SDK has Insecure TLS Configuration

Summary SageMaker Python SDK is an open source library for training and deploying machine learning models on Amazon SageMaker. An issue where SSL certificate verification was globally disabled in the Triton Python backend has been found. Impact Arbitrary Code Execution: Disabling SSL verification...

8.2 CVSS | 6.4 AI score | 0.00244 EPSS
Exploits 0 | References 8 | Affected Software 1
Vulnrichment
added 2026/01/28 12:0 a.m. | 4 views

CVE-2022-40620

FunJSQ, a third-party module integrated on some NETGEAR routers and Orbi WiFi Systems, does not properly validate TLS certificates when downloading update packages through its auto-update mechanism. An attacker suitably positioned on the network could intercept the update request and deliver a...

6.4 AI score | 0.00274 EPSS
Exploits 1 | References 2
Positive Technologies
added 2025/12/09 12:0 a.m. | 4 views

PT-2025-49829

Name of the Vulnerable Software and Affected Versions RUGGEDCOM ROX II versions prior to 2.17.0 Description The SCEP client within the affected devices does not properly validate multiple fields during secure certificate enrollment. This could allow an attacker to execute arbitrary code with root...

9 CVSS | 9.5 AI score | 0.00367 EPSS
Exploits 0 | References 5
EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2014-6999

Malware in sbrugna...

5.4 CVSS | 6.4 AI score | 0.00266 EPSS
Exploits 0 | References 4
Tenable Nessus
added 2025/08/18 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2020-24661

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNOME Geary before 3.36.3 mishandles pinned TLS certificate verification for IMAP and SMTP services using invalid TLS certificates e.g., self-signed certificate...

5.9 CVSS | 5.9 AI score | 0.00922 EPSS
Exploits 1 | References 2
OSV
added 2022/06/17 1:2 a.m. | 22 views

GHSA-PGW7-WX7W-2W33 ProxyAgent vulnerable to MITM

Description Undici.ProxyAgent never verifies the remote server's certificate, and always exposes all request & response data to the proxy. This unexpectedly means that proxies can MitM all HTTPS traffic, and if the proxy's URL is HTTP then it also means that nominally HTTPS requests are actually...

7.7 CVSS | 6.3 AI score | 0.00382 EPSS
Exploits 1 | References 4
Veracode
added 2021/11/24 5:38 a.m. | 17 views

Insecure Certificate Validation

aws/aws-iot-device-sdk-js-v2 is vulnerable to Insecure Certificate Validation. Attackers are able to compromise certificate authorities in their trust stores on Linux/Unix, by spoofing DNS records to bypass CA pinning...

8.8 CVSS | 4.7 AI score | 0.00375 EPSS
Exploits 0 | References 7 | Affected Software 3
Veracode
added 2021/10/13 8:29 a.m. | 14 views

Insecure Certificate Validation

globalpayments/php-sdk is vulnerable to insecure certificate validation. The vulnerability exists in the sendRequest function in Gateway.php as it does not properly enforce the SSL certificate validations...

5.9 CVSS | 1.9 AI score | 0.00976 EPSS
Exploits 1 | References 5 | Affected Software 1
Ubuntu
added 2021/03/15 11:1 p.m. | 41 views

USN-4872-1: Axel vulnerability

It was discovered that Axel did not properly verify the certificates for hostnames. An attacker could use this vulnerability to impersonate another server and obtain sensitive information...

5.9 CVSS | 5.9 AI score | 0.01928 EPSS
Exploits 1
OSV
added 2021/01/26 6:16 p.m. | 2 views

CVE-2021-3285

jxbrowser in TI Code Composer Studio IDE 8.x through 10.x before 10.1.1 does not verify X.509 certificates for HTTPS...

5.3 CVSS | 6.1 AI score
Exploits 0 | References 1
Prion
added 2020/12/14 10:15 p.m. | 17 views

Design/Logic Flaw

In createNameCredentialDialog of CertInstaller.java, there exists the possibility of improperly installed certificates due to a logic error. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product:...

5 CVSS | 7.4 AI score | 0.00738 EPSS
Exploits 0 | References 1 | Affected Software 1
CNVD
added 2019/02/26 12:0 a.m. | 1 views

Cordaware bestinformed has an unspecified vulnerability.

Cordaware bestinformed is a mass notification system from the German company Cordaware. A security vulnerability exists in the Cordaware bestinformed Windows client prior to version 6.2.1.0, which stems from an insecure SSL certificate inspection and access mode. A remote attacker could exploit t...

9.8 CVSS | 6.8 AI score | 0.01203 EPSS
Exploits 0 | References 1
Prion
added 2014/09/28 1:55 a.m. | 11 views

Information disclosure

The United Heritage Mobile aka FiMobile.UHCU application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.4 CVSS | 6.5 AI score | 0.00266 EPSS
Exploits 0 | References 3 | Affected Software 1