CVE-2026-33779

An Improper Following of a Certificate's Chain of Trust vulnerability in J-Web of Juniper Networks Junos OS on SRX Series allows a PITM to intercept the communication of the device and get access to confidential information and potentially modify it. When an SRX device is provisioned to connect t...

EUVD-2007-4598

Malware in sbrugna...

Home Assistant 安全漏洞

Home Assistant is an open source home automation management system from Home Assistant Open Source. The system is primarily used to control home automation devices. A security vulnerability exists in Home Assistant versions prior to 2024.1.6 that stems from not properly validating SSL certificate...

CVE-2024-39229

An issue in GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000/MT2500/AXT1800/AX1800/A1300/X300B v4.5.16, XE300 v4.3.16, E750 v4.3.12, AP1300/S1300 v4.3.13, XE3000/X3000 v4, and B2200/MV1000/MV1000W/USB150/N300/SF1200 v3.216 allows attackers to...

CVE-2024-39223

An authentication bypass in the SSH service of gost v2.11.5 allows attackers to intercept communications via setting the HostKeyCallback function to ssh.InsecureIgnoreHostKey...

CVE-2024-39223

An authentication bypass in the SSH service of gost v2.11.5 allows attackers to intercept communications via setting the HostKeyCallback function to ssh.InsecureIgnoreHostKey...

CVE-2024-36788

Netgear WNR614 JNR1010V2 N300-V1.1.0.541.0.1 does not properly set the HTTPOnly flag for cookies. This allows attackers to possibly intercept and access sensitive communications between the router and connected devices...

Open5GS 安全漏洞

Open5GS is an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. Open5GS suffers from a security vulnerability that can be exploited by an attacker to intercept VNF Virtual Network Functions communications, thereby exposing sensitive information...

IR615 Router encryption problem vulnerability

The IR615 Router is a 4G industrial router from Rimu Technologies, China. IR615 Router is vulnerable to an encryption issue that could be exploited by attackers to intercept communications and steal sensitive information or hijack sessions...

Ubuntu: Security Advisory (USN-5079-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-1134

A vulnerability in the Cisco Identity Services Engine ISE integration feature of the Cisco DNA Center Software could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data. The vulnerability is due to an incomplete validation of the X.509 certificate used when...

WordPress 插件信任管理问题漏洞

WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language.WP-CLI is the command line interface for WordPress. WordPress WP-CLI has a trust management issue vulnerability that can be exploited by remote attackers to be able to intercept communications...

USN-4898-1: curl vulnerabilities

Viktor Szakats discovered that curl did not strip off user credentials from referrer header fields. A remote attacker could possibly use this issue to obtain sensitive information. CVE-2021-22876 Mingtao Yang discovered that curl incorrectly handled session tickets when using an HTTPS proxy. A...

CVE-2016-9928

MCabber before 1.0.4 is vulnerable to roster push attacks, which allows remote attackers to intercept communications, or add themselves as an entity on a 3rd party's roster as another user, which will also garner associated privileges, via crafted XMPP packets...

CVE-2016-9928

MCabber before 1.0.4 is vulnerable to roster push attacks, which allows remote attackers to intercept communications, or add themselves as an entity on a 3rd party's roster as another user, which will also garner associated privileges, via crafted XMPP packets...

Police Using Planes Equipped with Dirtbox to Spy on your Cell Phones

The Anaheim Police Department of California — Home of Disneyland — admitted that they used special Cell Phone surveillance technology, known as DirtBox, mounted on aircraft to track millions of mobile users activities. More than 400 pages of new documents PDF published Wednesday revealed that Loc...

FBI Arrested CEO of 'StealthGenie' for Selling Mobile Spyware Apps

The Federal Bureau of Investigation FBI has arrested the CEO of a UK-based company for allegedly advertising and selling a spyware app to individuals who suspect their romantic partners of cheating on them. The dodgy cell phone spyware application, dubbed as StealthGenie, monitors victims’ phone...

PRISM like Surveillance system in France to intercept billions of communications

The US isn't the only western country with an Digital eye i.e PRISM like surveillance program, designed to monitor internet and phone communications. French is leading member at European Parliament and they voted to launch an in-depth inquiry against the US's based PRISM surveillance project. The...

CVE-2007-4615

The SSL client implementation in BEA WebLogic Server 7.0 SP7, 8.1 SP2 through SP6, 9.0, 9.1, 9.2 Gold through MP2, and 10.0 sometimes selects the null cipher when others are available, which might allow remote attackers to intercept communications...

Code injection

The SSL client implementation in BEA WebLogic Server 7.0 SP7, 8.1 SP2 through SP6, 9.0, 9.1, 9.2 Gold through MP2, and 10.0 sometimes selects the null cipher when others are available, which might allow remote attackers to intercept communications...