10068 matches found
CVE-2025-8393 Dreame Technology iOS and Android Mobile Applications Improper Certificate Validation
A TLS vulnerability exists in the phone application used to manage a connected device. The phone application accepts self-signed certificates when establishing TLS communication which may result in man-in-the-middle attacks on untrusted networks. Captured communications may include user credentia...
CVE-2025-2028
Lack of TLS validation when downloading a CSV file including mapping from IPs to countries used ONLY for displaying country flags in logs...
PT-2025-32374 · Unknown · Phone Application
Name of the Vulnerable Software and Affected Versions: Phone application affected versions not specified Description: A TLS vulnerability exists in the phone application used to manage a connected device. The application accepts self-signed certificates when establishing TLS communication,...
Important: java-1.8.0-amazon-corretto
Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D. Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15,...
Important: java-11-amazon-corretto
Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D. Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15,...
Linux Distros Unpatched Vulnerability : CVE-2017-7806
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free vulnerability can occur when the layer manager is freed too early when rendering specific SVG content, resulting in a potentially exploitable...
Linux Distros Unpatched Vulnerability : CVE-2022-3564
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2capreassemblesdu of the file...
Linux Distros Unpatched Vulnerability : CVE-2024-53204
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: phy: realtek: usb: fix NULL deref in rtkusb3phyprobe In rtkusb3phyprobe devmkzalloc may retu...
net: phy: mscc: Fix memory leak when using one step timestamping
...
Dreame Technology iOS and Android Mobile Applications (Update A)
RISK EVALUATION Successful exploitation of this vulnerability could result in unauthorized information disclosure. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all control...
Linux Distros Unpatched Vulnerability : CVE-2021-1056
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NVIDIA GPU Display Driver for Linux, all versions, contains a vulnerability in the kernel mode layer nvidia.ko in which it does not completely honor operating...
Linux Distros Unpatched Vulnerability : CVE-2023-6859
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free condition affected TLS socket creation when under memory pressure. This vulnerability affects Firefox ESR 115.6, Thunderbird 115.6, and Firefox...
Linux Distros Unpatched Vulnerability : CVE-2018-8034
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The host name verification when using TLS with the WebSocket client was missing. It is now enabled by default. Versions Affected: Apache Tomcat 9.0.0.M1 to 9.0....
Linux Distros Unpatched Vulnerability : CVE-2022-34677
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause an integer to be...
Linux Distros Unpatched Vulnerability : CVE-2017-6267
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer handler where an incorrect initialization of internal objects can cause an infinite...
CVE-2025-2028
Lack of TLS validation when downloading a CSV file including mapping from IPs to countries used ONLY for displaying country flags in logs...
Check Point Management Log Server 安全漏洞
Check Point Management Log Server is a log server from Check Point Israel. A security vulnerability exists in Check Point Management Log Server that stems from a lack of TLS authentication when downloading CSV files...
Linux Distros Unpatched Vulnerability : CVE-2023-0181
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in a kernel mode layer handler, where memory permissions are not correctly checked, whi...
USN-7686-1 linux-raspi vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PA-RISC architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; -...
CVE-2025-44964
A lack of SSL certificate validation in BlueStacks v5.20 allows attackers to execute a man-it-the-middle attack and obtain sensitive information...