10068 matches found
CVE-2025-20251
CVE-2025-20251 affects Cisco Secure Firewall ASA/FTD VPN Web Server: authenticated remote attacker can use crafted HTTP requests to create or delete arbitrary files on the OS due to insufficient input validation, potentially dropping VPN sessions and causing DoS; device reboot may be required. Ex...
CVE-2025-20127 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software for Firepower 3100 and 4200 Series TLS Cipher Denial of Service Vulnerability
A vulnerability in the TLS 1.3 implementation for a specific cipher for Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software for Cisco Firepower 3100 and 4200 Series devices could allow an authenticated, remote attacker to consume...
CVE-2025-20127
CVE-2025-20127 affects Cisco Secure Firewall ASA/FTD on Firepower 3100 and 4200 Series. The issue stems from TLS 1.3 cipher TLS_CHACHA20_POLY1305_SHA256, allowing an authenticated, remote attacker to exhaust resources tied to incoming TLS 1.3 connections and potentially deny new SSL/TLS or VPN co...
CVE-2025-20134 Cisco Adaptive Security Appliance and Firepower Threat Defense Software SSL/TLS Certificate Denial of Service Vulnerability
A vulnerability in the certificate processing of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS)...
CVE-2025-33142
IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security for TLS connections...
Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software for Firepower 3100 and 4200 Series TLS 1.3 Cipher Denial of Service Vulnerability
A vulnerability in the TLS 1.3 implementation for a specific cipher for Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software for Cisco Firepower 3100 and 4200 Series devices could allow an authenticated, remote attacker to consume...
CVE-2025-33142 IBM WebSphere Application Server information disclosure
IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security for TLS connections...
CVE-2025-33142
IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security for TLS connections (CVE-2025-33142). The issue is described as improper certificate validation (CWE-295). IBM has issued multiple security bulletins across products that bundle or include WAS (e.g., IBM Engi...
httpd: mod_ssl: access control bypass by trusted clients is possible using TLS 1.3 session resumption
An access control bypass vulnerability was found in Apache httpd. The Apache HTTP Server with some mod_ssl configurations can bypass the access controls by trusted clients using TLS 1.3 session resumption. A client trusted to access one virtual host may be able to access another if...
httpd: HTTP Session Hijack via a TLS upgrade
An HTTP session hijacking flaw was found in Apache httpd. In some mod_ssl configurations on Apache HTTP Server, an HTTP desynchronization attack allows a man-in-the-middle attacker to hijack an HTTP session via a TLS upgrade...
Cisco Secure Firewall Adaptive Security Appliance and Cisco Secure Firewall Threat Defense security vulnerability
Cisco Secure Firewall Adaptive Security Appliance and Cisco Secure Firewall Threat Defense are both products of Cisco, Inc. Cisco Secure Firewall Adaptive Security Appliance is enterprise-class firewall software. Cisco Secure Firewall Threat Defense is an integrate...
A Hierarchical IDS for Zero-Day Attack Detection in Internet of Medical Things Networks
The Internet of Medical Things (IoMT) is driving a healthcare revolution but remains vulnerable to cyberattacks such as denial of service, ransomware, data hijacking, and spoofing. These networks comprise resource-constrained, heterogeneous devices (e.g., wearable sensors, smart pills, implantables,...
Fedora 42 : perl-Authen-SASL (2025-fddaaaf9f0)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-fddaaaf9f0 advisory. 2.1900 [Fixed] - CVE-2025-40918: Insecure source of randomness, required addition of dependency on Crypt::URandom. [Changed] - Modules Authen::SASL::Perl::CRAM_MD5,...
CVE-2025-52585
When a BIG-IP LTM Client SSL profile is configured on a virtual server with SSL Forward Proxy enabled and Anonymous Diffie-Hellman (ADH) ciphers enabled, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical...
CVE-2025-8901
Out of bounds write in ANGLE in Google Chrome prior to 139.0.7258.127 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...
[SECURITY] [DSA 5972-1] openjdk-17 security update
Debian Security Advisory DSA-5972-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 12, 2025 https://www.debian.org/security/faq ...