CVE-2026-0073

In adbdtlsverifycert of auth.cpp, there is a possible bypass of wireless ADB mutual authentication due to a logic error in the code. This could lead to remote proximal/adjacent code execution as the shell user with no additional execution privileges needed. User interaction is not needed for...

EUVD-2025-28141

Malicious code in bioql PyPI...

SUSE CVE-2025-48057

Icinga 2 is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. Prior to versions 2.12.12, 2.13.12, and 2.14.6, the VerifyCertificate function can be tricked into incorrectly treating certificates as vali...

DEBIAN-CVE-2025-48057

Icinga 2 is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. Prior to versions 2.12.12, 2.13.12, and 2.14.6, the VerifyCertificate function can be tricked into incorrectly treating certificates as vali...

SUSE CVE-2016-9953

The verifycertificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built for Windows CE using the schannel TLS backend, allows remote attackers to obtain sensitive information, cause a denial of service crash, or possibly have unspecified other impact via a wildcard...

SUSE CVE-2016-9952

The verifycertificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built for Windows CE using the schannel TLS backend, makes it easier for remote attackers to conduct man-in-the-middle attacks via a crafted wildcard SAN in a server certificate, as demonstrated by ".com....

SUSE CVE-2021-3547

OpenVPN 3 Core Library version 3.6 and 3.6.1 allows a man-in-the-middle attacker to bypass the certificate authentication by issuing an unrelated server certificate using the same hostname found in the verify-x509-name option in a client configuration...

PT-2021-6876 · Openssl · Openssl

Name of the Vulnerable Software and Affected Versions: OpenSSL version 3.0.0 OpenSSL versions prior to 3.0.1 Description: The issue is related to the mishandling of internal errors by the X509 verify cert function in OpenSSL. This function may return a negative value to indicate an internal error...

gnutls verify_crt() memory corruption vulnerability

GnuTLS is a secure communications library that implements the SSL, TLS, and DTLS protocols and technologies surrounding them. A memory corruption vulnerability exists in gnutls verifycrt. An attacker can exploit this vulnerability to conduct malicious attacks...

SOL10133477 - BIG-IP IPsec IKE peer listener vulnerability CVE-2016-5736

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

nss: CERT_VerifyCert returns SECSuccess (saying certificate is good) even for bad certificates (MFSA 2013-103)

The CERTVerifyCert function in lib/certhigh/certvfy.c in Mozilla Network Security Services NSS 3.15 before 3.15.3 provides an unexpected return value for an incompatible key-usage certificate when the CERTVerifyLog argument is valid, which might allow remote attackers to bypass intended access...

GLSA-200901-10 : GnuTLS: Certificate validation error

The remote host is affected by the vulnerability described in GLSA-200901-10 GnuTLS: Certificate validation error Martin von Gagern reported that the gnutlsx509verifycertificate function in lib/x509/verify.c trusts certificate chains in which the last certificate is an arbitrary trusted,...