96 matches found
Exploit for Incorrect Implementation of Authentication Algorithm in Google Android
ADB TLS Auth Bypass Exploit CVE-2026-0073 An automated netw...
CVE-2026-28387
CVE-2026-28387 is a vulnerability in the DANE client code of OpenSSL related to an uncommon TLSA record configuration that may cause a use-after-free or double-free on the client. Public advisories across multiple vendors confirm the issue and reference OpenSSL versions affected and available fix...
CVE-2026-33308
A flaw was found in mod_gnutls, a TLS module for Apache HTTPD. Prior to version 0.13.0, the module's client certificate verification process did not properly validate the key purpose specified in the Extended Key Usage (EKU) extension. This oversight could allow a remote attacker, possessing a valid...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: redis6 (UTSA-2026-006184)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006184 advisory. Redis is an open source, in-memory database that persists on disk. In versions starting at 2.6 and prior to 7.4.3, an unauthenticated client can cause unlimited grow...
CVE-2026-27134 Strimzi: All CAs from a custom CA chain consisting of multiple CAs are trusted for mTLS user authentication
Strimzi provides a way to run an Apache Kafka cluster on Kubernetes or OpenShift in various deployment configurations. In versions 0.49.0 through 0.50.0, when using a custom Cluster or Clients CA with a multistage CA chain consisting of multiple CAs, Strimzi incorrectly configures the trusted...
RHEL 10 : keylime (RHSA-2026:2225)
The remote Red Hat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:2225 advisory. Keylime is a TPM-based, highly scalable remote boot attestation and runtime integrity measurement solution. Security Fixes: keylime: Keylime:...
CVE-2026-1709
A flaw was found in Keylime. The Keylime registrar, since version 7.12.0, does not enforce client-side Transport Layer Security (TLS) authentication. This authentication bypass vulnerability allows unauthenticated clients with network access to perform administrative operations, including listing...
CVE-2026-1709
CVE-2026-1709 concerns the Keylime registrar. Affected are 7.12.0 through 7.13.0, where the registrar does not enforce client TLS authentication, enabling unauthenticated network access to administrative endpoints (e.g., listing agents, retrieving public TPM data, deleting agents). Reported CVSS ...
CVE-2025-66220
A flaw was found in Envoy. This vulnerability allows mTLS (mutual Transport Layer Security) certificate validation bypass via a certificate containing an embedded null byte (\0) inside an OTHERNAME SAN (Subject Alternative Name) value. Mitigation: Mitigation for this issue is either not available or the...
EUVD-2020-25314
Malware in sbrugna...
EUVD-2011-2682
Malware in sbrugna...
EUVD-2014-5171
Malware in sbrugna...
EUVD-2019-8898
Malware in sbrugna...
EUVD-2025-12407
Malicious code in bioql PyPI...
EUVD-2024-0452
Malicious code in bioql PyPI...
BIT-VAULT-2025-6037 Vault Certificate Auth Method Did Not Validate Common Name For Non-CA Certificates
Vault and Vault Enterprise ("Vault") TLS certificate auth method did not correctly validate client certificates when configured with a non-CA certificate as trusted certificate (https://developer.hashicorp.com/vault/api-docs/auth/certcertificate). In this configuration, an attacker may be able to...
Amazon Linux 2023 : redis6, redis6-devel (ALAS2023-2025-950)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-950 advisory. Redis is an open source, in-memory database that persists on disk. In versions starting at 2.6 and prior to 7.4.3, an unauthenticated client can cause unlimited growth of output buffers, until the serve...
Important: redis6
Issue Overview: Redis is an open source, in-memory database that persists on disk. In versions starting at 2.6 and prior to 7.4.3, an unauthenticated client can cause unlimited growth of output buffers, until the server runs out of memory or is killed. By default, the Redis configuration does not...
BIT-VALKEY-2025-21605 Redis DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated client
Redis is an open source, in-memory database that persists on disk. In versions starting at 2.6 and prior to 7.4.3, an unauthenticated client can cause unlimited growth of output buffers, until the server runs out of memory or is killed. By default, the Redis configuration does not limit the outpu...
BIT-KEYDB-2025-21605 Redis DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated client
Redis is an open source, in-memory database that persists on disk. In versions starting at 2.6 and prior to 7.4.3, an unauthenticated client can cause unlimited growth of output buffers, until the server runs out of memory or is killed. By default, the Redis configuration does not limit the outpu...