60 matches found
Security Bulletin: Multiple Vulnerabilities affects IBM Data Studio Client 4.2.0
Summary Security Fix of multiple Vulnerabilities of IBM Data Studio Client 4.2.0 Vulnerability Details CVEID:CVE-2021-2163 DESCRIPTION: An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no confidentiality impact, high...
EUVD-2017-18516
Malware in sbrugna...
EUVD-2014-5551
Malware in sbrugna...
EUVD-2013-7213
Malware in sbrugna...
EUVD-2005-2696
Malware in sbrugna...
EUVD-2012-5673
Malware in sbrugna...
EUVD-2022-5533
Malicious code in bioql PyPI...
CVE-2012-5807
The Authorize.Net eCheck module in Zen Cart does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate...
CVE-2012-5801
The PayPal module in PrestaShop does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, related to use of the...
CVE-2012-5799
The Canada Post aka CanadaPost module in PrestaShop does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate,...
Linux Distros Unpatched Vulnerability : CVE-2014-0104
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In fence-agents before 4.0.17 does not verify remote SSL certificates in the fenceciscoucs.py script which can potentially allow for man-in-the-middle attackers...
Linux Distros Unpatched Vulnerability : CVE-2007-6591
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KDE Konqueror 3.5.5 and 3.95.00, when a user accepts an SSL server certificate on the basis of the CN domain name in the DN field, regards the certificate as al...
NewStart CGSL MAIN 5.04 : python Multiple Vulnerabilities (NS-SA-2019-0008)
The remote NewStart CGSL host, running version MAIN 5.04, has python packages installed that are affected by multiple vulnerabilities: - Multiple integer overflows in the imageop module in Python 2.5.1 and earlier allow context-dependent attackers to cause a denial of service application crash an...
CVE-2014-7744
The Musulmanin.com aka com.wSalyafiyailimurdjiya application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
Information disclosure
The news revolution - bahrain aka com.news.revolution.BH application 3.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
Information disclosure
The TicketOne.it aka it.ticketone.mobile.app.Android application 2.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
Information disclosure
The Maccabi Pakal aka com.ideomobile.pakalmaccabi application 1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
Information disclosure
The GES Agri Connect aka com.wAgriConnect application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-7486
The Mitsubishi Road Assist aka com.agero.mitsubishi application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-7420
The Just Bureaucracy aka com.magzter.justbureaucracy application 3.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...