107 matches found
OpenTelemetry Collector Contrib 信任管理问题漏洞
OpenTelemetry Collector Contrib is an extensible telemetry data collection component library developed by OpenTelemetry - CNCF. Versions of OpenTelemetry Collector Contrib prior to 1.1.0 contained a trust management vulnerability. This vulnerability stemmed from the lack of validation of HTTPS/TL...
epa4all-client 信任管理问题漏洞
epa4all-client is an open-source document writing client tool developed by Oviva AG. Versions of epa4all-client prior to 1.2.1 contained a trust management vulnerability. This vulnerability stemmed from the ECDSA signature verification in SignedPublicKeysTrustValidatorImpl.isTrusted, where the...
Dell PowerFlex Manager 信任管理问题漏洞
Dell PowerFlex Manager is a management tool developed by Dell, Inc. Versions of Dell PowerFlex Manager prior to 4.6.2 contained a trust management vulnerability. This vulnerability stemmed from improper certificate verification, which could allow unauthenticated attackers with access to adjacent...
Ivanti Secure Access Client 信任管理问题漏洞
Ivanti Secure Access Client is a security software client developed by the American company Ivanti. Versions of Ivanti Secure Access Client prior to 22.8R6 contained a vulnerability related to trust management. This vulnerability stemmed from improper certificate verification, which could allow...
tickets 信任管理问题漏洞
Tickets is an open-source public safety scheduling and tracking application developed by Open ISES. Versions of tickets prior to 3.44.2 contained a vulnerability related to trust management. This vulnerability stemmed from the hardcoding of a Google Maps API key in the settings.inc.php file. This...
Taiko AG1000-01A SMS Alert Gateway 信任管理问题漏洞
The Taiko AG1000-01A SMS Alert Gateway is an industrial communication gateway device developed by Taiko Company in Singapore. It supports SMS-based alert notifications and remote event messaging. Both the Rev 7.3 and Rev 8 versions of the Taiko AG1000-01A SMS Alert Gateway contain vulnerabilities...
Sensorweb ScadaBR 信任管理问题漏洞
Sensorweb ScadaBR is a set of open-source software developed by Sensorweb Corporation for creating automated data acquisition and monitoring applications. Version ScadaBR 1.2.0 contains a vulnerability related to trust management. This vulnerability arises from the use of hard-coded credentials,...
Huawei HG630 信任管理问题漏洞
The Huawei HG630 is a home broadband wireless router gateway device produced by the Chinese company Huawei. The Huawei HG630 V2 has a trust management vulnerability; this issue stems from an authentication bypass mechanism, which allows unauthorized attackers to obtain administrative access by...
Yeti Platform 信任管理问题漏洞
Yeti Platform is an open-source daily threat intelligence platform developed by Yeti Platform. Versions of Yeti Platform prior to 2.1.12 had a trust management vulnerability. This vulnerability occurred because allowing attackers to generate valid JWT tokens occurred without changing the...
Yarbo 信任管理问题漏洞
Yarbo is a modular intelligent courtyard maintenance robot developed by the American company Yarbo. Version 2.3.9 of Yarbo contains a vulnerability related to trust management. This vulnerability stems from hard-coded administrator credentials, which could allow attackers who are aware of these...
Incus 信任管理问题漏洞
Incus is a system container and virtual machine manager developed by LXC. Versions of Incus prior to 7.0.0 contained a vulnerability related to trust management. This vulnerability stemmed from a corrupted TLS verification logic in the OVN database connection logic. It could allow attackers to...
D-Link DIR-600L 信任管理问题漏洞
The D-Link DIR-600L is an entry-level wireless router from D-Link Corporation. It supports 150Mbps wireless transmission and has 4 Gigabit wired ports. The DIR-600L has a trust management vulnerability, which stems from a hard-coded telnet backdoor. This vulnerability could allow unauthenticated...
Apache Airflow 信任管理问题漏洞
Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. This platform features scalability and dynamic monitoring capabilities. However, Apache Airflow has a trust management...
VMware Spring Boot 信任管理问题漏洞
VMware Spring Boot is an open-source framework developed by the American company VMware. There are security vulnerabilities in versions 4.0.0 to 4.0.5, 3.5.0 to 3.5.13, 3.4.0 to 3.4.15, 3.3.0 to 3.3.18, and 2.7.0 to 2.7.32 of VMware Spring Boot. These vulnerabilities stem from the lack of hostnam...
VMware Spring Boot 信任管理问题漏洞
VMware Spring Boot is an open-source framework developed by the American company VMware. In versions 4.0.0 to 4.0.5 of VMware Spring Boot, there was a vulnerability related to trust management. This vulnerability stemmed from the fact that Elasticsearch’s automatic configuration during the...
SenseLive X3050 信任管理问题漏洞
The SenseLive X3050 is a data collection and environmental monitoring device designed for IoT scenarios by SenseLive Corporation. The SenseLive X3050 has a trust management vulnerability. This vulnerability stems from the fact that the authentication logic in the web management interface is...
cryptography 信任管理问题漏洞
cryptography is a Python cryptographic authority open-source library. Versions of cryptography prior to 46.0.6 had a trust management vulnerability. This vulnerability stemmed from DNS name constraints verifying only the SAN within sub-certs, without verifying the peer names presented during each...
Digital Bazaar Forge 信任管理问题漏洞
Digital Bazaar Forge is a native implementation of TLS in JavaScript by the American company Digital Bazaar, and it is an open-source tool used for developing encrypted and network-intensive web applications. Versions of Digital Bazaar Forge prior to 1.4.0 had a trust management vulnerability. Th...
OpenEMR 信任管理问题漏洞
OpenEMR is a set of open-source medical management systems developed by the OpenEMR community. This system can be used for medical practice management, electronic medical records, prescription writing, and medical billing applications. Prior to OpenEMR 7.0.4, there was a vulnerability related to...
Beetel 777VR1 信任管理问题漏洞
Beetel 777VR1 is a router produced by the Beetel company. Versions of Beetel 777VR1 starting from 01.00.09 and earlier have a vulnerability related to trust management. This vulnerability stems from hard-coded credentials present in the web management interface...