18 matches found
PT-2026-43312
FastNetMon Community Edition through 1.2.9 does not verify TLS certificates on outbound HTTPS connections. The execute_web_request_secure function in src/fast_library.cpp creates a boost::asio::ssl::context with tls_client mode and calls set_default_verify_paths to load CA certificates, but never...
Incorrect Authorization
Overview: pyload-ng is the free and open-source Download Manager written in pure Python. Affected versions of this package are vulnerable to Incorrect Authorization in the setconfigvalue process. An attacker can disable outbound TLS peer verification by setting the sslverify configuration to 'off...
Important: Red Hat Security Advisory: Insights proxy Container Image
Initial GA Release of Red Hat Insights proxy. The Insights proxy Container is used by the Insights proxy product RPM and serves as an intermediary between customer systems in disconnected networks, air-gapped systems or systems with no outside connections and Insights. The Insights proxy routes al...
PT-2025-42523
Name of the Vulnerable Software and Affected Versions: ConnectWise Automate versions prior to 2025.9. Description: The ConnectWise Automate Agent allows for configuration using HTTP instead of HTTPS. This configuration enables a man-in-the-middle attacker to intercept, modify, or replay agent-server...
CVE-2025-55036
When BIG-IP SSL Orchestrator explicit forward proxy is configured on a virtual server and the proxy connect feature is enabled, undisclosed traffic may cause memory corruption. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...
EUVD-2023-57887
Malicious code in bioql PyPI...
UBUNTU-CVE-2025-58066
ntpd-rs is a tool for synchronizing your computer's clock, implementing the NTP and NTS protocols. In versions between 1.2.0 and 1.6.1 inclusive, servers which allow non-NTS traffic are affected by a denial of service vulnerability, where an attacker can induce a message storm between two NTP...
CVE-2025-7390 Bypass the client certificate trust check of an opc.https server while only secure communication is allowed
A malicious client can bypass the client certificate trust check of an opc.https server when the server endpoint is configured to allow only secure communication...
CVE-2023-5594
Improper validation of the server’s certificate chain in secure traffic scanning feature considered intermediate certificate signed using the MD5 or SHA1 algorithm as trusted...
Input validation
Improper validation of the server’s certificate chain in secure traffic scanning feature considered intermediate certificate signed using the MD5 or SHA1 algorithm as trusted...
CVE-2023-5594
CVE-2023-5594 describes improper validation of the server’s certificate chain in the secure traffic scanning feature, causing intermediate certificates signed with MD5 or SHA-1 to be treated as trusted. Multiple sources (NVD, CVE List, CNNVD, PRION/PRION-like entries, and EUVD) tie this to ESET s...
PT-2023-7999 · Eset · Eset Security For Microsoft Sharepoint Server +12
Name of the Vulnerable Software and Affected Versions: ESET NOD32: affected versions not specified; ESET Internet Security: affected versions not specified; ESET Smart Security Premium: affected versions not specified; ESET Security Ultimate: affected versions not...
Selected ESET Products Security Vulnerabilities
ESET Security Ultimate is a complete security solution from ESET Slovakia. A security vulnerability exists in some ESET products that stems from improper validation of the server certificate chain, where intermediate certificates signed using the MD5 or SHA1 algorithms are treated as trusted, and...
CVE-2023-36843
An Improper Handling of Inconsistent Special Elements vulnerability in the Junos Services Framework (jsf) module of Juniper Networks Junos OS allows an unauthenticated network based attacker to cause a crash in the Packet Forwarding Engine (pfe) and thereby resulting in a Denial of Service (DoS). Upon...
CVE-2020-0467
In onUserStopped of Vpn.java, there is a possible resetting of user preferences due to a logic issue. This could lead to local information disclosure of secure network traffic over a non-VPN link with no additional execution privileges needed. User interaction is not needed for...
squid: HTTP Request Splitting could result in cache poisoning
A flaw was found in squid. Due to incorrect data validation, an HTTP Request Splitting attack against HTTP and HTTPS traffic is possible, leading to cache poisoning. The highest threat from this vulnerability is to data confidentiality and integrity...