745 matches found
CVE-2019-20894
Traefik 2.x, in certain configurations, allows HTTPS sessions to proceed without mutual TLS verification in a situation where ERRBADSSLCLIENTAUTHCERT should have occurred...
CVE-2019-20894
Traefik 2.x, in certain configurations, allows HTTPS sessions to proceed without mutual TLS verification in a situation where ERRBADSSLCLIENTAUTHCERT should have occurred...
PT-2020-10858 · Containous · Traefik
Name of the Vulnerable Software and Affected Versions: Traefik versions 2.x Description: The issue allows HTTPS sessions to proceed without mutual TLS verification in certain configurations, where an error should have occurred due to a bad SSL client authentication certificate. This situation can...
CVE-2019-18246
BIOTRONIK CardioMessenger II, The affected products do not properly enforce mutual authentication with the BIOTRONIK Remote Communication infrastructure...
CVE-2019-18246
BIOTRONIK CardioMessenger II, The affected products do not properly enforce mutual authentication with the BIOTRONIK Remote Communication infrastructure...
Authentication flaw
BIOTRONIK CardioMessenger II, The affected products do not properly enforce mutual authentication with the BIOTRONIK Remote Communication infrastructure...
CVE-2019-18246
BIOTRONIK CardioMessenger II, The affected products do not properly enforce mutual authentication with the BIOTRONIK Remote Communication infrastructure...
CVE-2019-18246
The connected sources confirm CVE-2019-18246 affects BIOTRONIK CardioMessenger II (home monitoring unit). The root issue is improper authentication with the BIOTRONIK Remote Communication infrastructure (CWE-287), enabling an attacker with adjacent access to interact with or intercept communicati...
SAyHello - Capturing Audio (.Wav) From Target Using A Link
Capturing audio .wav from target using a link How it works? After the user grants microphone permissions, a website redirect button of your choice is released to distract the target while small audio files about 4 seconds in wav format are sent to the attacker. It uses Recorderjs, plugin for...
Improper Authentication in requests-kerberos
python-requests-Kerberos through 0.5 does not handle mutual authentication...
The vulnerability of the PRNG component of the FortiOS operating system allows a hacker to gain unauthorized access to protected information.
The vulnerability of the PRNG component in the FortiOS operating system relates to the use of a weak entropy source during key generation. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information, when FortiOS acts as a client...
New LTE Network Flaw Could Let Attackers Impersonate 4G Mobile Users
A group of academics from Ruhr University Bochum and New York University Abu Dhabi have uncovered security flaws in 4G LTE and 5G networks that could potentially allow hackers to impersonate users on the network and even sign up for paid subscriptions on their behalf. The impersonation attack —...
CVE-2014-8650
python-requests-Kerberos through 0.5 does not handle mutual authentication...
DEBIAN-CVE-2014-8650
python-requests-Kerberos through 0.5 does not handle mutual authentication...
Authentication flaw
python-requests-Kerberos through 0.5 does not handle mutual authentication...
PYSEC-2019-200
python-requests-Kerberos through 0.5 does not handle mutual authentication...
CVE-2014-8650
python-requests-Kerberos through 0.5 does not handle mutual authentication...
CVE-2014-8650
python-requests-Kerberos through 0.5 does not handle mutual authentication...
Updated proftpd packages fix security vulnerability
An issue was discovered in tlsverifycrl in ProFTPD through 1.3.6b. A dereference of a NULL pointer may occur. This pointer is returned by the OpenSSL skX509REVOKEDvalue function when encountering an empty CRL installed by a system administrator. The dereference occurs when validating the...
DEBIAN-CVE-2019-19269
An issue was discovered in tlsverifycrl in ProFTPD through 1.3.6b. A dereference of a NULL pointer may occur. This pointer is returned by the OpenSSL skX509REVOKEDvalue function when encountering an empty CRL installed by a system administrator. The dereference occurs when validating the...