EUVD-2022-31049

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2022-26491

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Pidgin before 2.14.9. A remote attacker who can spoof DNS responses can redirect a client connection to a malicious server. The clien...

Abode Systems, Inc. iota All-In-One Security Kit XCMD setAlexa OS command injection vulnerability

Talos Vulnerability Report TALOS-2022-1558 Abode Systems, Inc. iota All-In-One Security Kit XCMD setAlexa OS command injection vulnerability October 20, 2022 CVE Number CVE-2022-33189 SUMMARY An OS command injection vulnerability exists in the XCMD setAlexa functionality of Abode Systems, Inc. io...

EulerOS 2.0 SP5 : pidgin (EulerOS-SA-2022-2277)

According to the versions of the pidgin package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Pidgin before 2.14.9. A remote attacker who can spoof DNS responses can redirect a client connection to a malicious...

CVE-2022-26491

An issue was discovered in Pidgin before 2.14.9. A remote attacker who can spoof DNS responses can redirect a client connection to a malicious server. The client will perform TLS certificate verification of the malicious domain name instead of the original XMPP service domain, allowing the attack...

Design/Logic Flaw

An issue was discovered in Pidgin before 2.14.9. A remote attacker who can spoof DNS responses can redirect a client connection to a malicious server. The client will perform TLS certificate verification of the malicious domain name instead of the original XMPP service domain, allowing the attack...

CVE-2022-26491

An issue was discovered in Pidgin before 2.14.9. A remote attacker who can spoof DNS responses can redirect a client connection to a malicious server. The client will perform TLS certificate verification of the malicious domain name instead of the original XMPP service domain, allowing the attack...

CVE-2022-26491

An issue was discovered in Pidgin before 2.14.9. A remote attacker who can spoof DNS responses can redirect a client connection to a malicious server. The client will perform TLS certificate verification of the malicious domain name instead of the original XMPP service domain, allowing the attack...

SUSE SLED15: finch / finch-devel / libpurple / libpurple-branding-upstream / etc (SUSE-SU-2022:1693-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:1693-1 advisory. - CVE-2022-26491: Fixed MITM vulnerability when DNSSEC wasn't used bsc1199025. Tenable has extracted the preceding...

SUSE SLED12: finch / finch-devel / libpurple / libpurple-branding-upstream / etc (SUSE-SU-2022:1664-1)

The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:1664-1 advisory. - CVE-2022-26491: Fixed MITM vulnerability when DNSSEC wasn't used bsc1199025. Tenable has extracted the preceding...

Cisco Jabber for Windows 8.x / 9.x / 10.x / 11.0.x / 11.1.x XMPP Connection MitM STARTTLS Downgrade (cisco-sa-20151224-jab)

The version of Cisco Jabber for Windows installed on the remote host is 8.x, 9.x, 10.x, 11.0.x, or 11.1.x prior to 11.5. It is, therefore, affected by man-in-the-middle STARTTLS downgrade vulnerability due to improper checks to ensure the Extensible Messaging and Presence Protocol XMPP connection...

Fedora Update for telepathy-gabble FEDORA-2013-9794

Check for the Version of telepathy-gabble OpenVAS Vulnerability Test Fedora Update for telepathy-gabble FEDORA-2013-9794 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modi...

Fedora Update for telepathy-gabble FEDORA-2013-3379

Check for the Version of telepathy-gabble OpenVAS Vulnerability Test Fedora Update for telepathy-gabble FEDORA-2013-3379 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modi...