21 matches found

NVD
added 2026/06/01 9:16 a.m. | 8 views

CVE-2026-49267

Apache Airflow's EmailOperator and the underlying airflow.utils.email helpers established SMTP STARTTLS connections without verifying the remote certificate when the deployment used email smtp_starttls=True without email smtp_ssl. An attacker positioned between the worker and the configured SMTP...

CVSS 5.9 | EPSS 0.00062
Exploits: 0 | References: 2
Positive Technologies
added 2026/04/30 12:0 a.m. | 1 views

PT-2026-36084

Name of the Vulnerable Software and Affected Versions: apache-airflow-providers-smtp (affected versions not specified). Description: The SmtpHook component in the SMTP provider calls the Python function smtplib.SMTP.starttls without an SSL context. This omission prevents certificate validation during...

CVSS 5.9 | AI score 5.2 | EPSS 0.00022
Exploits: 0 | References: 14
CNNVD
added 2026/04/10 12:0 a.m. | 4 views

Apache Log4j Security Vulnerability

Apache Log4j is an open-source logging tool based on Java, developed by the Apache Foundation in the United States. Versions of Apache Log4j Core 2.25.3 and earlier contain security vulnerabilities. These vulnerabilities stem from the silent ignoring of the verifyHostName configuration property,...

CVSS 6.3 | AI score 5.8 | EPSS 0.00029
Exploits: 0 | References: 5
Cvelist
added 2026/02/25 5:52 a.m. | 17 views

CVE-2026-3100 An improper certificate validation vulnerability was found in the FTP Backup on the ADM.

The FTP Backup on the ADM will not strictly enforce TLS certificate verification while connecting to an FTP server using FTPES/FTPS. An improperly validated TLS/SSL certificate allows a remote attacker to intercept network traffic to perform a Man-in-the-Middle (MitM) attack, which may...

CVSS 8.3 | EPSS 0.00065
Exploits: 0 | References: 1
EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2014-5491

Malware in sbrugna...

CVSS 5.4 | AI score 6.4 | EPSS 0.00137
Exploits: 0 | References: 4
EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2017-16505

Malware in sbrugna...

CVSS 5.9 | AI score 6.7 | EPSS 0.01107
Exploits: 0 | References: 15
EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2014-7305

Malware in sbrugna...

CVSS 5.4 | AI score 6.4 | EPSS 0.00134
Exploits: 0 | References: 4
Tenable Nessus
added 2025/05/30 12:0 a.m. | 10 views

Curl 8.8.0 < 8.14.0 Improper Certificate Validation (CVE-2025-4947)

The version of Curl installed on the remote host is missing a security update. It is, therefore, affected by an improper certificate validation vulnerability. - libcurl accidentally skips the certificate verification for QUIC connections when connecting to a host specified as an IP address in the...

CVSS 6.5 | AI score 6.8 | EPSS 0.00075
Exploits: 1 | References: 2
RedhatCVE
added 2025/05/23 8:16 a.m. | 4 views

CVE-2024-36066

The CMP CLI client in KeyFactor EJBCA before 8.3.1 has only 6 octets of salt, and is thus not compliant with the security requirements of RFC 4211, and might make man-in-the-middle attacks easier. CMP includes password-based MAC as one of the options for message integrity and authentication the...

CVSS 3.1 | AI score 7.1 | EPSS 0.00398
Exploits: 0 | References: 1
NVD
added 2025/05/07 4:15 p.m. | 12 views

CVE-2024-47619

syslog-ng is an enhanced log daemon. Prior to version 4.8.2, tls_wildcard_match() matches on certificates such as foo.*.bar although that is not allowed. It is also possible to pass partial wildcards such as foo.a*c.bar which glib matches but should be avoided / invalidated. This issue could have an...

CVSS 7.5 | EPSS 0.00507
Exploits: 1 | References: 5
Cvelist
added 2025/05/07 3:12 p.m. | 9 views

CVE-2024-47619 transport: TLS host name wildcard matching too lax

syslog-ng is an enhanced log daemon. Prior to version 4.8.2, tls_wildcard_match() matches on certificates such as foo.*.bar although that is not allowed. It is also possible to pass partial wildcards such as foo.a*c.bar which glib matches but should be avoided / invalidated. This issue could have an...

CVSS 7.5 | EPSS 0.00507
Exploits: 1 | References: 4
Vulnrichment
added 2025/05/07 3:12 p.m. | 10 views

CVE-2024-47619 transport: TLS host name wildcard matching too lax

syslog-ng is an enhanced log daemon. Prior to version 4.8.2, tls_wildcard_match() matches on certificates such as foo.*.bar although that is not allowed. It is also possible to pass partial wildcards such as foo.a*c.bar which glib matches but should be avoided / invalidated. This issue could have an...

CVSS 7.5 | AI score 7.3 | EPSS 0.00507
Exploits: 1 | References: 4
OSV
added 2025/05/07 3:12 p.m. | 7 views

CVE-2024-47619 transport: TLS host name wildcard matching too lax

syslog-ng is an enhanced log daemon. Prior to version 4.8.2, tls_wildcard_match() matches on certificates such as foo.*.bar although that is not allowed. It is also possible to pass partial wildcards such as foo.a*c.bar which glib matches but should be avoided / invalidated. This issue could have an...

CVSS 7.5 | AI score 7.2 | EPSS 0.00507
Exploits: 1 | References: 7
ATTACKERKB
added 2022/12/08 4:15 p.m. | 1 views

CVE-2022-45877

OpenHarmony-v3.1.4 and prior versions had a vulnerability. PIN code is transmitted to the peer device in plain text during cross-device authentication, which reduces the difficulty of man-in-the-middle attacks...

CVSS 8.3 | AI score 6.2 | EPSS 0.00033
Exploits: 0 | References: 2 | Affected Software: 1
Positive Technologies
added 2021/03/10 12:0 a.m. | 1 views

PT-2021-9742

Name of the Vulnerable Software and Affected Versions: PJSIP versions 2.10 and earlier. Description: PJSIP is a free and open source multimedia communication library that implements standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. The library has a vulnerability that allows for...

CVSS 9.8 | AI score 7.2 | EPSS 0.01675
Exploits: 4 | References: 36
OSV
added 2019/10/14 8:15 p.m. | 1 views

DEBIAN-CVE-2019-14823

A flaw was found in the "Leaf and Chain" OCSP policy implementation in JSS' CryptoManager versions after 4.4.6, 4.5.3, 4.6.0, where it implicitly trusted the root certificate of a certificate chain. Applications using this policy may not properly verify the chain and could be vulnerable to attack...

CVSS 7.4 | AI score 6.4 | EPSS 0.00287
Exploits: 1 | References: 1
OSV
added 2017/08/25 6:29 p.m. | 0 views

PYSEC-2017-49

The checkPassword function in python-kerberos does not authenticate the KDC it attempts to communicate with, which allows remote attackers to cause a denial of service (bad response), or have other unspecified impact by performing a man-in-the-middle attack...

CVSS 8.1 | AI score 7.2 | EPSS 0.01347
Exploits: 0 | References: 5
CNVD
added 2017/05/24 12:0 a.m. | 1 views

hammer_cli SSL Certificate Authentication Security Bypass Vulnerability

Hammer is a general-purpose clamp-based CLI framework from Foreman. hammer-cli provides only the core functionality. An SSL certificate authentication security bypass vulnerability exists in hammer_cli, which stems from the program failing to properly validate SSL certificates. An attacker could us...

CVSS 8.1 | AI score 7 | EPSS 0.00111
Exploits: 0 | References: 1
OSV
added 2016/02/15 2:59 a.m. | 1 views

DEBIAN-CVE-2015-3197

ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by performing computations on SSLv2 traffic, related to the get_client_master_key and...

CVSS 5.9 | AI score 9.2 | EPSS 0.22185
Exploits: 2 | References: 1
securityvulns
added 2007/08/23 12:0 a.m. | 55 views

Olate Download 3.4.2~modules/core/uim.php~XSS

VISIT ORIGINAL ADVISORY FOR MORE DETAILS: http://myimei.com/security/2007-08-22/olate-download-342modulescoreuimphpxss.html Summary: Software: Olate Download. Software's Web Site: http://www.olate.co.uk/ Versions: 3.4.2 Class: Remote Status:...

AI score 0.5
Exploits: 0