15 matches found
CVE-2022-26320
The Rambus SafeZone Basic Crypto Module before 10.4.0, as used in certain Fujifilm formerly Fuji Xerox devices before 2022-03-01, Canon imagePROGRAF and imageRUNNER devices through 2022-03-14, and potentially many other devices, generates RSA keys that can be broken with Fermat's factorization...
EUVD-2019-14885
Malware in sbrugna...
EUVD-2017-17022
Malware in sbrugna...
EUVD-2022-41811
Malicious code in bioql PyPI...
EUVD-2021-34086
Malicious code in bioql PyPI...
EUVD-2024-0996
Malicious code in bioql PyPI...
EUVD-2022-43532
Malicious code in bioql PyPI...
CVE-2019-5280
The SIP TLS module of Huawei CloudLink Phone 7900 with V600R019C10 has a TLS certificate verification vulnerability. Due to insufficient verification of specific parameters of the TLS server certificate, attackers can perform man-in-the-middle attacks, leading to the affected phones registered...
CVE-2025-32407
Samsung Internet for Galaxy Watch version 5.0.9, available up until Samsung Galaxy Watch 3, does not properly validate TLS certificates, allowing for an attacker to impersonate any and all websites visited by the user. This is a critical misconfiguration in the way the browser validates the...
EulerOS 2.0 SP9 : perl (EulerOS-SA-2023-2885)
According to the versions of the perl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS. CVE-2023-31484 Note that Tenable Network Security...
ROS-20230615-05
Vulnerability in Thunderbird email client is related to incorrect processing of user data in the error page for sites with invalid TLS certificates. displaying certificate exceptions, on the error page for sites with invalid TLS certificates. Exploitation of the vulnerability could allow an...
CVE-2022-45419
If the user added a security exception for an invalid TLS certificate, opened an ongoing TLS connection with a server that used that certificate, and then deleted the exception, Firefox would have kept the connection alive, making it seem like the certificate was still trusted. This vulnerability...
CVE-2022-24968
The vulnerability affects Mellium mellium.im/xmpp up to version 0.21.0, where spoofing DNS TXT records can redirect a WebSocket connection to an attacker‑controlled server without TLS host verification failing due to incorrect ServerName selection during TLS verification. This can enable MITM red...
OPENSUSE-SU-2020:0305-1 Security update for openfortivpn
This update for openfortivpn to version 1.12.0 fixes the following issues: - CVE-2020-7043: Fixed a TLS Certificate CommonName NULL Byte Vulnerability boo1165301. - CVE-2020-7042: Fixed use of uninitialized memory in X509checkhost boo1165300. - CVE-2020-7041: Fixed incorrect use of X509checkhost...
OPENSUSE-SU-2020:0301-1 Security update for openfortivpn
This update for openfortivpn to version 1.12.0 fixes the following issues: - CVE-2020-7043: Fixed a TLS Certificate CommonName NULL Byte Vulnerability boo1165301. - CVE-2020-7042: Fixed use of uninitialized memory in X509checkhost boo1165300. - CVE-2020-7041: Fixed incorrect use of X509checkhost...