
37 matches found

EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2013-6464

Malware in sbrugna...

CVSS 6.5 · AI score 6.5 · EPSS 0.00063
Exploits: 0 · References: 2

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2017-11828

Malware in sbrugna...

CVSS 7.4 · AI score 7.5 · EPSS 0.0024
Exploits: 0 · References: 3

EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2014-4121

Malware in sbrugna...

CVSS 5 · AI score 6.4 · EPSS 0.00221
Exploits: 0 · References: 4

EUVD
added 2025/10/07 12:30 a.m. · 0 views

EUVD-2015-3279

Malware in sbrugna...

CVSS 4.3 · AI score 7.6 · EPSS 0.01559
Exploits: 0 · References: 16

CVE
added 2025/07/24 2:52 p.m. · 14 views

CVE-2025-36005

CVE-2025-36005 affects IBM MQ Operator families (LTS 2.0.x, CD 3.x, SC2 3.2.x) and IBM MQ Container images. Root cause: improper certificate validation enabling an Internet Pass-Thru proxy to access data from another TLS session when connecting to the same hostname/port. Impact: potential informa...

CVSS 6.5 · AI score 5.7 · EPSS 0.00074
Exploits: 0 · References: 1 · Affected Software: 2

Positive Technologies
added 2025/07/24 12:0 a.m. · 2 views

PT-2025-30675 · Ibm · Ibm Mq Operator +1

Name of the Vulnerable Software and Affected Versions: IBM MQ Operator versions 2.0.0 through 2.0.29; IBM MQ Operator CD versions 3.0.0, 3.0.1, 3.1.0 through 3.1.3, 3.3.0, 3.4.0, 3.4.1, 3.5.0, 3.5.1, 3.6.0; IBM MQ Operator SC2 versions 3.2.0 through 3.2.13. Description: Improper certificate validati...

CVSS 6.5 · AI score 5.9 · EPSS 0.00074
Exploits: 0 · References: 3

RedhatCVE
added 2025/05/22 1:38 p.m. · 10 views

CVE-2014-4192

The Dual_EC_DRBG implementation in EMC RSA BSAFE-C Toolkits (aka Share for C and C++) processes certain requests for output bytes by considering only the requested byte count and not the use of cached bytes, which makes it easier for remote attackers to obtain plaintext from TLS sessions by recoverin...

CVSS 5.8 · AI score 6.7 · EPSS 0.0033
Exploits: 0 · References: 1

F5 Networks
added 2023/02/21 7:56 p.m. · 133 views

K10065173: TMM TLS virtual server vulnerability CVE-2019-6593

Security Advisory Description: A BIG-IP virtual server configured with a Client SSL profile may be vulnerable to a chosen ciphertext attack against CBC ciphers. When exploited, this may result in plaintext recovery of encrypted messages through a man-in-the-middle (MITM) attack, despite the attacker...

CVSS 5.9 · AI score 6.6 · EPSS 0.00407
Exploits: 0 · Affected Software: 13

SUSE CVE
added 2023/02/15 5:25 a.m. · 1 views

SUSE CVE-2014-8151

The darwinssl_connect_step1 function in lib/vtls/curl_darwinssl.c in libcurl 7.31.0 through 7.39.0, when using the DarwinSSL (aka SecureTransport) back-end for TLS, does not check if a cached TLS session validated the certificate when reusing the session, which allows man-in-the-middle attackers to...

CVSS 5.8 · AI score 6.8 · EPSS 0.00424
Exploits: 0 · References: 4

SUSE CVE
added 2023/02/15 5:19 a.m. · 2 views

SUSE CVE-2015-3216

Race condition in a certain Red Hat patch to the PRNG lock implementation in the ssleay_rand_bytes function in OpenSSL, as distributed in openssl-1.0.1e-25.el7 in Red Hat Enterprise Linux (RHEL) 7 and other products, allows remote attackers to cause a denial of service (application crash) by establishi...

CVSS 4.3 · AI score 8.3 · EPSS 0.01559
Exploits: 0 · References: 11

CNVD
added 2021/08/16 12:0 a.m. · 19 views

Mitel MiCollab Man-in-the-Middle Attack Vulnerability

Mitel MiCollab is an enterprise collaboration software and tools platform solution. A man-in-the-middle attack vulnerability exists in the AWV and MiCollab Client Service components in Mitel MiCollab versions prior to 9.3. The vulnerability stems from insufficient control over TLS sessions. An...

CVSS 4.3 · AI score 3.9 · EPSS 0.00189
Exploits: 0 · References: 1

NVD
added 2020/11/23 10:15 p.m. · 9 views

CVE-2020-25688

A flaw was found in rhacm versions before 2.0.5 and before 2.1.0. Two internal service APIs were incorrectly provisioned using a test certificate from the source repository. This would result in all installations using the same certificates. If an attacker could observe network traffic internal t...

CVSS 3.5 · AI score 3.7 · EPSS 0.0003
Exploits: 0 · References: 1

Cvelist
added 2020/11/23 9:7 p.m. · 13 views

CVE-2020-25688

A flaw was found in rhacm versions before 2.0.5 and before 2.1.0. Two internal service APIs were incorrectly provisioned using a test certificate from the source repository. This would result in all installations using the same certificates. If an attacker could observe network traffic internal t...

AI score 3.7 · EPSS 0.0003
Exploits: 0 · References: 1

RedhatCVE
added 2020/11/05 9:59 a.m. · 52 views

CVE-2020-25688

A flaw was found in rhacm. Two internal service APIs were incorrectly provisioned using a test certificate from the source repository which resulted in all installations using the same certificates. If an attacker could observe network traffic internal to a cluster, they could use the private key...

CVSS 3.5 · AI score 1.6 · EPSS 0.0003
Exploits: 0 · References: 3

OSV
added 2020/10/21 7:15 p.m. · 2 views

CVE-2020-3585

A vulnerability in the TLS handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000 Series firewalls could allow an unauthenticated, remote attacker to gain access to sensitive information. The vulnerability is due to...

CVSS 3.7 · AI score 6.5 · EPSS 0.00365
Exploits: 0 · References: 1

NVD
added 2020/07/01 2:15 p.m. · 23 views

CVE-2017-1712

A vulnerability in the TLS protocol implementation of the Domino server could allow an unauthenticated, remote attacker to access sensitive information, aka a Return of Bleichenbacher's Oracle Threat (ROBOT) attack. An attacker could iteratively query a server running a vulnerable TLS stack...

CVSS 5.9 · EPSS 0.00185
Exploits: 0 · References: 1

OSV
added 2020/06/09 12:15 a.m. · 1 views

DEBIAN-CVE-2020-13962

Qt 5.12.2 through 5.14.2, as used in unofficial builds of Mumble 1.3.0 and other products, mishandles OpenSSL's error queue, which can cause a denial of service to QSslSocket users. Because errors leak in unrelated TLS sessions, an unrelated session may be disconnected when any handshake fails...

CVSS 7.5 · AI score 7.5 · EPSS 0.01567
Exploits: 1 · References: 1

OpenVAS
added 2020/05/26 12:0 a.m. · 23 views

Huawei Data Communication: Weak Algorithm Vulnerability in Some Huawei Products (huawei-sa-20180704-01-algorithm)

There is a weak algorithm vulnerability in some Huawei products. Copyright (C) 2020 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free...

CVSS 4.3 · AI score 0.2 · EPSS 0.00146
Exploits: 0 · References: 1

Tenable Nessus
added 2020/04/24 12:0 a.m. · 34 views

Ubuntu 16.04 LTS / 18.04 LTS : OpenJDK vulnerabilities (USN-4337-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4337-1 advisory. It was discovered that OpenJDK incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial o...

CVSS 8.3 · AI score 6.8 · EPSS 0.02622
Exploits: 0 · References: 14

IBM Security Bulletins
added 2019/12/18 1:14 a.m. · 33 views

Security Bulletin: Vulnerability in OpenSSL affects Sterling Connect:Enterprise for UNIX (CVE-2016-0800).

Summary: OpenSSL vulnerabilities were disclosed on March 1, 2016 by the OpenSSL Project. OpenSSL is used by Sterling Connect:Enterprise for UNIX. Sterling Connect:Enterprise for UNIX has addressed the applicable CVE, the "DROWN: Decrypting RSA with Obsolete and Weakened eNcryption" vulnerability...

CVSS 5.9 · AI score 0.2 · EPSS 0.90348
Exploits: 3 · Affected Software: 1