16 matches found
EUVD-2020-1477
Malware in sbrugna...
EUVD-2006-6590
Malware in sbrugna...
EUVD-2017-1358
Malware in sbrugna...
CVE-2025-9785
The CVE concerns PaperCut Print Deploy (NG/MF integration) where using self‑signed or private CA certificates, without proper trust store configuration, can allow man‑in‑the‑middle attacks between clients and the server. The documentation gap on SSL configuration is cited as a contributing factor...
CVE-2025-9785 Misconfigured certificate validation with self-signed certificates for Print Deploy
PaperCut Print Deploy is an optional component that integrates with PaperCut NG/MF which simplifies printer deployment and management. When the component is deployed to an environment, the customer has an option to configure the system to use a self-signed certificate. If the customer does not...
CVE-2020-26234
Opencast before versions 8.9 and 7.9 disables HTTPS hostname verification of its HTTP client used for a large portion of Opencast's HTTP requests. Hostname verification is an important part when using HTTPS to ensure that the presented certificate is valid for the host. Disabling it can allow for...
CVE-2020-26234
Opencast before versions 8.9 and 7.9 disables HTTPS hostname verification of its HTTP client used for a large portion of Opencast's HTTP requests. Hostname verification is an important part when using HTTPS to ensure that the presented certificate is valid for the host. Disabling it can allow for...
CVE-2020-26234
Opencast before versions 8.9 and 7.9 disables HTTPS hostname verification of its HTTP client used for a large portion of Opencast's HTTP requests. Hostname verification is an important part when using HTTPS to ensure that the presented certificate is valid for the host. Disabling it can allow for...
Disabled Hostname Verification in Opencast
Opencast before version 8.9 and 7.9 disables HTTPS hostname verification of its HTTP client used for a large portion of Opencast's HTTP requests. Hostname verification is an important part when using HTTPS to ensure that the presented certificate is valid for the host. Disabling it can allow for...
CVE-2020-26234 Disabled Hostname Verification in OpenCast
Opencast before versions 8.9 and 7.9 disables HTTPS hostname verification of its HTTP client used for a large portion of Opencast's HTTP requests. Hostname verification is an important part when using HTTPS to ensure that the presented certificate is valid for the host. Disabling it can allow for...
JKS Private Key Cracker - Cracking passwords of private key entries in a JKS file
The Java Key Store JKS is the Java way of storing one or several cryptographic private and public keys for asymmetric cryptography in a file. While there are various key store formats, Java and Android still default to the JKS file format. JKS is one of the file formats for Java key stores, but J...
Cross site scripting
Oracle, GlassFish Server Open Source Edition 3.0.1 build 22 is vulnerable to Java Key Store Password Disclosure vulnerability, that makes it possible to provide an unauthenticated attacker plain text password of administrative user and grant access to the web-based administration interface...
CVE-2017-1000030
CVE-2017-1000030 affects Oracle GlassFish Server Open Source Edition 3.0.1 (build 22). The vulnerability is described as a Java Key Store Password Disclosure that allows an unauthenticated attacker to obtain the plaintext password of an administrative user and gain access to the web-based admin i...
CVE-2017-1000030
Removed by vendor...
CVE-2006-6607
The Java Key Store JKS for WebSphere Application Server WAS for IBM Tivoli Identity Manager ITIM 4.6 places the JKS password in a -Djavax.net.ssl.trustStorePassword command line argument, which allows local users to obtain the password by listing the process or using other methods...
CVE-2006-6607
The Java Key Store JKS for WebSphere Application Server WAS for IBM Tivoli Identity Manager ITIM 4.6 places the JKS password in a -Djavax.net.ssl.trustStorePassword command line argument, which allows local users to obtain the password by listing the process or using other methods...