12 matches found
CVE-2026-54291
pgjdbc is an open source postgresql JDBC Driver. In releases 42.7.4 through 42.7.11, channelBinding=require connections can be silently downgraded from SCRAM-SHA-256-PLUS with channel binding to plain SCRAM-SHA-256 without it, losing the man-in-the-middle protection the setting is meant to...
FreeBSD : PostgresSQL JDBC -- Silent channel-binding authentication downgrade via unsupported certificate algorithms (7701f760-745c-11f1-bc50-6cc21735f730)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 7701f760-745c-11f1-bc50-6cc21735f730 advisory. PostgreSQL project reports: channelBinding=require connections can be silently downgraded from...
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2026-1574)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
AZL-69766 CVE-2025-10966 affecting package cmake 3.21.4-21
curl's code for managing SSH connections when SFTP was done using the wolfSSH powered backend was flawed and missed host verification mechanisms. This prevents curl from detecting MITM attackers and more...
EUVD-2020-8591
Malware in sbrugna...
OESA-2025-1553 erlang security update
Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson. Security Fixes: Erlang/OTP is a set of libraries for the Erlang...
SUSE-SU-2025:20160-1 Security update for openssh
This update for openssh fixes the following issues: - CVE-2025-26465: Fixed MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client bsc1237040. - CVE-2025-26466: Fixed DoS attack against OpenSSH's client and server bsc1237041. Other bugfixes: - Fix ssh client segfault with...
CLSA-2024-1722535503 systemd: Fix of CVE-2023-7008
CVE-2023-7008: prevent systemd-resolved from accepting DNS records of DNSSEC- signed domains without a signature to mitigate man-in-the-middle attacks...
Stack overflow
TI’s BLE stack caches and reuses the LTK’s property for a bonded mobile. A LTK can be an unauthenticated-and-no-MITM-protection key created by Just Works or an authenticated-and-MITM-protection key created by Passkey Entry, Numeric Comparison or OOB. Assume that a victim mobile uses secure pairin...
CVE-2020-16630
TI’s BLE stack caches and reuses the LTK’s property for a bonded mobile. A LTK can be an unauthenticated-and-no-MITM-protection key created by Just Works or an authenticated-and-MITM-protection key created by Passkey Entry, Numeric Comparison or OOB. Assume that a victim mobile uses secure pairin...
Ghost In The Net
Ultimate Network Stealther that makes Linux a Ghost In The Net and protects from MITM/DOS/scan Properties: Network Invisibility Network Anonymity Protects from MITM/DOS Transparent Cross-platform Minimalistic Dependencies: Linux 2.4.26+ – will work on any Linux-based OS, including Whonix and...
jsDelivr: HSTS Policy not enabled on cdn.jsdelivr.net
This one provides MITM against SSL attacks protection. You should enable this just in case. Hope this helps...