7 matches found
CVE-2019-11674
Man-in-the-middle vulnerability in Micro Focus Self Service Password Reset, affecting all versions prior to 4.4.0.4. The vulnerability could exploit invalid certificate validation and may result in a man-in-the-middle attack...
Fortinet FortiWeb Trust Management Issue Vulnerability
Fortinet FortiWeb is a web application layer firewall from Fortinet that blocks threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning, and other attacks to secure web applications and protect sensitive database content. A trust management issue vulnerability exis...
Debian: Security Advisory (DLA-3137-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3137-1] nodejs security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3137-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler October 05, 2022 https://wiki.debian.org/LTS -...
Security Bulletin: IBM QRadar SIEM is vulnerable to invalid certificate validation (CVE-2019-4654)
Summary IBM QRadar SIEM does not validate, or incorrectly validates, a certificate. Vulnerability Details CVEID: CVE-2019-4654 DESCRIPTION: IBM QRadar does not validate, or incorrectly validates, a certificate which could allow an attacker to spoof a trusted entity by using a man-in-the-middle MI...
Micro Focus Self Service Password Reset Trust Management Issue Vulnerability
Micro Focus Self Service Password Reset is a web-based password management solution from Micro Focus UK. The product allows users to change their passwords using self-service. A trust management issue vulnerability exists in versions prior to Micro Focus Self Service Password Reset 4.4.0.4, which...
Improper validation of certificates when using self-signed certificates 1.8.2
Platform: Desktop-clients Versions: 1.8.2, Date: 6/8/2015 Risk level: Medium CVSS v2 Base Score: 6.1 AV:N/AC:H/Au:N/C:C/I:P/A:N CWE: Improper Validation of Certificate with Host Mismatch CWE-297...