CVE-2022-20814

A vulnerability in the certificate validation of Cisco Expressway-C and Cisco TelePresence VCS could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data. The vulnerability is due to a lack of validation of the SSL server certificate that an affected device...

CVE-2022-20814

A vulnerability in the certificate validation of Cisco Expressway-C and Cisco TelePresence VCS could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data. The vulnerability is due to a lack of validation of the SSL server certificate that an affected device...

CVE-2024-20280

CVE-2024-20280 affects Cisco UCS Central Software backup feature. The root cause is a weakness in the encryption method using a static key for backup configuration, allowing an attacker with access to a backup file to learn sensitive information stored in full state and configuration backups. Aff...

RHEL 6 : kdebase (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - konqueror visual hostname truncation in HTTP authentication dialog CVE-2007-3143 - KDE Konqueror 3.5.5 an...

Certificate trust error after updating SSL server certificate from new Intermediate or Root CA.

After updating a server SSL certificate, users are receiving certificate error "You have not chosen to trust 'DigiCert Global Root G2', the issuer of the server's security certificate.", "NET::ERRCERTAUTHORITYINVALID" or other certificate trust error...

PT-2022-5102 · Cisco · Cisco Telepresence Vcs +1

Name of the Vulnerable Software and Affected Versions: Cisco Expressway-C affected versions not specified Cisco TelePresence VCS affected versions not specified Description: A vulnerability in the certificate validation of Cisco Expressway-C and Cisco TelePresence VCS could allow an...

Siemens SINUMERIK Integrate Operate Client

1. EXECUTIVE SUMMARY CVSS v3 7.4 ATTENTION : Exploitable remotely Vendor : Siemens Equipment : SINUMERIK Integrate Operate Client Vulnerability : Improper Certificate Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to spoof any SSL server...

Design/Logic Flaw

A vulnerability in the SSL implementation of the Cisco Intelligent Proximity solution could allow an unauthenticated, remote attacker to view or alter information shared on Cisco Webex video devices and Cisco collaboration endpoints if the products meet the conditions described in the Vulnerable...

Information disclosure

The EIN Lookup aka appinventor.aisiwanuth.EINLookup application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

CVE-2014-5532

The Honolulu aka adidas.jp.android.running.honolulu application 2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

JVN#85812843: FileMaker Pro fails to verify SSL server certificates

FileMaker Pro contains a function to encrypt communications with the FileMaker Server. FileMaker Pro fails to verify the SSL server certificate. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Upgrade the software Upgrade to the latest...

CVE-2012-5806

The PayPal Payments Pro module in Zen Cart does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, related to...

Scientific Linux Security Update : ruby on SL5.x, SL4.x i386/x86_64

A flaw was discovered in the way Ruby's CGI module handles certain HTTP requests. If a remote attacker sends a specially crafted request, it is possible to cause the ruby CGI script to enter an infinite loop, possibly causing a denial of service. CVE-2006-6303 An SSL certificate validation flaw w...