CVE-2026-1858
wget2 accepts a server certificate with an incorrect Key Usage (KU) or Extended Key Usage (EKU). If attackers compromise a certificate, together with its associated private key, that was issued for a different purpose, they may be able to reuse it for TLS server authentication...
EUVD-2025-208376
Due to insufficient authorization enforcement, an unauthorized remote attacker can exploit the wwwupload.cgi endpoint to upload and apply arbitrary data. This includes, but is not limited to, contact images, HTTPS certificates, system backups for restoration, server peer configurations, and...
EUVD-2025-208377
Due to insufficient authorization enforcement, an unauthorized remote attacker can exploit the wwwupload.cgi endpoint to upload and apply arbitrary data. This includes, but is not limited to, contact images, HTTPS certificates, system backups for restoration, server peer configurations, and...
CVE-2025-41765 Unchecked role in wwwupload.cgi
Due to insufficient authorization enforcement, an unauthorized remote attacker can exploit the wwwupload.cgi endpoint to upload and apply arbitrary data. This includes, but is not limited to, contact images, HTTPS certificates, system backups for restoration, server peer configurations, and...
CVE-2025-41765
Due to insufficient authorization enforcement, an unauthorized remote attacker can exploit the wwwupload.cgi endpoint to upload and apply arbitrary data. This includes, but is not limited to, contact images, HTTPS certificates, system backups for restoration, server peer configurations, and...
Nozomi Networks Arc trust management vulnerability
Nozomi Networks Arc is an endpoint detection and response proxy software developed by Nozomi Networks, Inc. Nozomi Networks Arc has a vulnerability related to trust management. This vulnerability arises from the lack of server certificate verification during the Arc agent’s connection process. It...
pouch security vulnerability
Pouch is a non-IP protocol developed by Golioth. Version 0.1.0 of Pouch contains a security vulnerability. This vulnerability stems from a heap-based buffer overflow issue during the processing of BLE GATT server certificates, which could lead to heap overflow and system crashes...
CVE-2026-27133 Strimzi All CAs from CA chain will be trusted in Kafka Connect and Kafka MirrorMaker 2 target clusters
Strimzi provides a way to run an Apache Kafka cluster on Kubernetes or OpenShift in various deployment configurations. From 0.47.0 to before 0.50.1, when a chain consisting of multiple CA (Certificate Authority) certificates is used in the trusted certificates configuration of a Kafka Connect opera...
CVE-2025-53869
Multiple MFPs provided by Brother Industries, Ltd. do not properly validate server certificates, which may allow a man-in-the-middle attacker to replace the set of root certificates used by the product with a set of arbitrary certificates...
PT-2026-5245
Multiple MFPs provided by Brother Industries, Ltd. do not properly validate server certificates, which may allow a man-in-the-middle attacker to replace the set of root certificates used by the product with a set of arbitrary certificates...
Errands trust management vulnerability
Errands is a to-do task management tool from the individual developer mrvladus. A trust management vulnerability exists in Errands versions prior to 46.2.10 that stems from not validating the TLS certificate of the CalDAV server...
CVE-2025-65290
Aqara Hub devices including Camera Hub G3 4.1.90027, Hub M2 4.3.60027, and Hub M3 4.3.60025 fail to validate server certificates during HTTPS firmware downloads, allowing man-in-the-middle attackers to intercept firmware update traffic and potentially serve modified firmware files...
EUVD-2014-6807
Malware in sbrugna...
EUVD-2008-3268
Malware in sbrugna...
EUVD-2014-7209
Malware in sbrugna...
EUVD-2014-6608
Malware in sbrugna...
EUVD-2014-3264
Malware in sbrugna...
EUVD-2014-5890
Malware in sbrugna...