14 matches found
EUVD-2025-26599
Malicious code in bioql PyPI...
CVE-2025-9785
PaperCut Print Deploy is an optional component that integrates with PaperCut NG/MF which simplifies printer deployment and management. When the component is deployed to an environment, the customer has an option to configure the system to use a self-signed certificate. If the customer does not...
CVE-2025-9785 Misconfigured certificate validation with self-signed certificates for Print Deploy
PaperCut Print Deploy is an optional component that integrates with PaperCut NG/MF which simplifies printer deployment and management. When the component is deployed to an environment, the customer has an option to configure the system to use a self-signed certificate. If the customer does not...
PT-2025-35658
Name of the Vulnerable Software and Affected Versions: PaperCut Print Deploy affected versions not specified Description: PaperCut Print Deploy, an optional component integrated with PaperCut NG/MF, is susceptible to man-in-the-middle attacks if not correctly configured with a trusted certificate...
UNC6384 Deploys PlugX via Captive Portal Hijacks and Valid Certificates Targeting Diplomats
A China-nexus threat actor known as UNC6384 has been attributed to a set of attacks targeting diplomats in Southeast Asia and other entities across the globe to advance Beijing's strategic interests. "This multi-stage attack chain leverages advanced social engineering including valid code signing...
CVE-2023-24011
An attacker can arbitrarily craft malicious DDS Participants or ROS 2 Nodes with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS7 certificate’s validation. This is caused by a...
CVE-2023-24011 Data Distribution Service (DDS) Chain of Trust (CoT) violation vulnerability in Cyclone DDS
An attacker can arbitrarily craft malicious DDS Participants or ROS 2 Nodes with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS7 certificate’s validation. This is caused by a...
DEBIAN-CVE-2021-37219
HashiCorp Consul and Consul Enterprise 1.10.1 Raft RPC layer allows non-server agents with a valid certificate signed by the same CA to access server-only functionality, enabling privilege escalation. Fixed in 1.8.15, 1.9.9 and 1.10.2...
PT-2021-21582 · Hashicorp · Hashicorp Nomad +1
Name of the Vulnerable Software and Affected Versions: HashiCorp Nomad and Nomad Enterprise versions prior to 1.0.10 HashiCorp Nomad and Nomad Enterprise versions prior to 1.1.4 Description: The issue allows non-server agents with a valid certificate signed by the same CA to access server-only...
DHS Orders U.S. Federal Agencies to Audit DNS Security for Their Domains
The U.S. Department of Homeland Security DHS has today issued an "emergency directive" to all federal agencies ordering IT staff to audit DNS records for their respective website domains, or other agency-managed domains, within next 10 business days. The emergency security alert came in the wake ...
Mesosphere Marathon Web UI Public WAN (Internet) / Public LAN Accessible
The script checks if the Mesosphere Marathon Web UI is accessible from a public WAN Internet / public LAN. Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
EPA for device certificate check fails on NetScaler
Users get the error "access denied" after EPA scan even with valid certificates available in the store...
CVE-2012-5822
The contribution feature in Zamboni does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, related to use of...
CVE-2012-5783
Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service FPS merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle...