Lucene search

48 matches found

EUVD
added 2025/12/10 9:31 p.m. · 3 views

EUVD-2025-202614

Due to a lack of certificate validation, all traffic from the mobile application can be intercepted. As a result, an adversary located "upstream" can decrypt the TLS traffic, inspect its contents, and modify the requests in transit. This may result in a total compromise of the user's account if t...

AI score: 6.5 · EPSS: 0.00041
Exploits: 0 · References: 3
Vulnrichment
added 2025/12/10 12:0 a.m. · 1 views

CVE-2025-65830

Due to a lack of certificate validation, all traffic from the mobile application can be intercepted. As a result, an adversary located "upstream" can decrypt the TLS traffic, inspect its contents, and modify the requests in transit. This may result in a total compromise of the user's account if t...

AI score: 6.6 · EPSS: 0.00041
Exploits: 0 · References: 2
EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2020-27026

Malware in sbrugna...

CVSS: 7.5 · AI score: 7.5 · EPSS: 0.00647
Exploits: 0 · References: 2
EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2017-8340

Malware in sbrugna...

CVSS: 5.9 · AI score: 5.9 · EPSS: 0.00146
Exploits: 0 · References: 2
EUVD
added 2025/10/07 12:30 a.m. · 5 views

EUVD-2014-0994

Malware in sbrugna...

CVSS: 7.1 · AI score: 8.9 · EPSS: 0.0117
Exploits: 85 · References: 8
EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2013-3393

Malware in sbrugna...

CVSS: 7.1 · AI score: 6.3 · EPSS: 0.00486
Exploits: 0 · References: 2
RedhatCVE
added 2025/05/22 5:23 a.m. · 5 views

CVE-2019-6576

A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" All versions V15.1 Update 1, SIMATIC HMI Comfort Outdoor Panels 7" & 15" All versions V15.1 Update 1, SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F All versions V15.1 Update 1, SIMATIC WinCC...

CVSS: 7.5 · AI score: 6.8 · EPSS: 0.00364
Exploits: 0 · References: 1
RedhatCVE
added 2025/02/05 1:19 a.m. · 4 views

CVE-2024-20339

A vulnerability in the TLS processing feature of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an issue that occurs when TLS...

CVSS: 8.6 · AI score: 7.2 · EPSS: 0.02067
Exploits: 0 · References: 1
Positive Technologies
added 2025/01/23 12:0 a.m. · 2 views

PT-2025-2928 · Ecovacs · Ecovacs

Name of the Vulnerable Software and Affected Versions: ECOVACS lawnmowers and vacuums affected versions not specified Description: The issue concerns the improper validation of TLS certificates by ECOVACS lawnmowers and vacuums. This allows an unauthenticated attacker to read or modify TLS traffi...

CVSS: 9.5 · AI score: 7 · EPSS: 0.009
Exploits: 1 · References: 8
NVD
added 2025/01/14 2:15 p.m. · 7 views

CVE-2024-46667

An allocation of resources without limits or throttling in Fortinet FortiSIEM 5.3 all versions, 5.4 all versions, 6.x all versions, 7.0 all versions, and 7.1.0 through 7.1.5 may allow an attacker to deny valid TLS traffic via consuming all allotted connections...

CVSS: 7.5 · EPSS: 0.00638
Exploits: 0 · References: 1
Vulnrichment
added 2025/01/14 2:9 p.m. · 3 views

CVE-2024-46667

An allocation of resources without limits or throttling in Fortinet FortiSIEM 5.3 all versions, 5.4 all versions, 6.x all versions, 7.0 all versions, and 7.1.0 through 7.1.5 may allow an attacker to deny valid TLS traffic via consuming all allotted connections...

CVSS: 7.5 · AI score: 7 · EPSS: 0.00638
Exploits: 0 · References: 1
Positive Technologies
added 2025/01/14 12:0 a.m. · 2 views

PT-2025-2747 · Fortinet · Fortisiem

Name of the Vulnerable Software and Affected Versions: Fortinet FortiSIEM versions 5.3 through 7.1.5 Description: A resource allocation issue without limits or throttling may allow an attacker to deny valid TLS traffic by consuming all allotted connections. Recommendations: For Fortinet FortiSIEM...

CVSS: 7.5 · AI score: 6.3 · EPSS: 0.00638
Exploits: 0 · References: 4
IBM Security Bulletins
added 2024/06/05 8:26 p.m. · 32 views

Security Bulletin: A vulnerability in Microsoft .NET Core affects IBM Robotic Process Automation and may result in a bypass of security restrictions (CVE-2024-0056)

Summary A vulnerability in Microsoft .NET Core affects IBM Robotic Process Automation resulting in a bypass of security restrictions. Microsoft .NET Core is used by IBM Robotic Process Automation as part of its development platform. This bulletin identifies the security fixes to apply to address...

CVSS: 8.7 · AI score: 9.1 · EPSS: 0.00864
Exploits: 0 · Affected Software: 1
The Hacker News
added 2024/01/10 5:26 a.m. · 80 views

Microsoft's January 2024 Windows Update Patches 48 New Vulnerabilities

Microsoft has addressed a total of 48 security flaws spanning its software as part of its Patch Tuesday updates for January 2024. Of the 48 bugs, two are rated Critical and 46 are rated Important in severity. There is no evidence that any of the issues are publicly known or under active attack at...

CVSS: 8.8 · AI score: 9.7 · EPSS: 0.16049
Exploits: 3
F5 Networks
added 2023/02/21 6:53 p.m. · 30 views

K63558580: BIG-IP crypto driver vulnerability CVE-2020-5872

Security Advisory Description When processing TLS traffic with hardware cryptographic acceleration enabled on platforms with Intel QAT hardware, the Traffic Management Microkernel (TMM) may stop responding and cause a failover event. CVE-2020-5872 Impact Hardware cryptographic acceleration fails an...

CVSS: 7.5 · AI score: 7.4 · EPSS: 0.00647
Exploits: 0 · Affected Software: 11
Tenable Nessus
added 2022/12/16 12:0 a.m. · 34 views

Cisco Adaptive Security Appliance Software SSL/TLS DoS (cisco-sa-asaftd-sslvpndma-dos-HRrqB9Yx)

A vulnerability in the SSL VPN negotiation process for Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to inefficient direct memory acce...

CVSS: 8.6 · AI score: 7.5 · EPSS: 0.01858
Exploits: 0 · References: 4
Github Security Blog
added 2022/05/24 4:44 p.m. · 29 views

Withdrawn Advisory: Improper Certificate Validation in Apache Qpid Proton

Withdrawn Advisory This advisory has been withdrawn because the vulnerability only affects the Qpid Proton C library and not org.apache.qpid:proton-j. This link has been maintained to preserve external references. Original Description While investigating bug PROTON-2014, we discovered that under...

CVSS: 7.4 · AI score: 6.3 · EPSS: 0.00399
Exploits: 0 · References: 10 · Affected Software: 1
Vulnrichment
added 2020/10/21 6:37 p.m. · 7 views

CVE-2020-3585 Cisco Firepower 1000 Series Bleichenbacher Attack Vulnerability

A vulnerability in the TLS handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000 Series firewalls could allow an unauthenticated, remote attacker to gain access to sensitive information. The vulnerability is due to...

CVSS: 5.3 · AI score: 7 · EPSS: 0.00365
Exploits: 0 · References: 1
NVD
added 2020/04/30 8:15 p.m. · 21 views

CVE-2020-5872

On BIG-IP 14.1.0-14.1.2.3, 14.0.0-14.0.1, 13.1.0-13.1.3.1, and 12.1.0-12.1.4.1, when processing TLS traffic with hardware cryptographic acceleration enabled on platforms with Intel QAT hardware, the Traffic Management Microkernel (TMM) may stop responding and cause a failover event...

CVSS: 7.5 · AI score: 7.5 · EPSS: 0.00647
Exploits: 0 · References: 1
Prion
added 2020/04/30 8:15 p.m. · 17 views

Design/Logic Flaw

On BIG-IP 14.1.0-14.1.2.3, 14.0.0-14.0.1, 13.1.0-13.1.3.1, and 12.1.0-12.1.4.1, when processing TLS traffic with hardware cryptographic acceleration enabled on platforms with Intel QAT hardware, the Traffic Management Microkernel (TMM) may stop responding and cause a failover event...

CVSS: 5 · AI score: 7.5 · EPSS: 0.00647
Exploits: 0 · References: 1 · Affected Software: 11