Total: 1247 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-62375 | 1 Go-witness | 1 Go-witness | 2025-10-21 | 5.9 Medium |
| go-witness and witness are Go modules for generating attestations. In go-witness versions 0.8.6 and earlier and witness versions 0.9.2 and earlier the AWS attestor improperly verifies AWS EC2 instance identity documents. Verification can incorrectly succeed when a signature is not present or is empty, and when RSA signature verification fails. The attestor also embeds a single legacy global AWS public certificate and does not account for newer region specific certificates issued in 2024, making detection of forged documents difficult without additional trusted region data. An attacker able to supply or intercept instance identity document data (such as through Instance Metadata Service impersonation) can cause a forged identity document to be accepted, leading to incorrect trust decisions based on the attestation. This is fixed in go-witness 0.9.1 and witness 0.10.1. As a workaround, manually verify the included identity document, signature, and public key with standard tools (for example openssl) following AWS’s verification guidance, or disable use of the AWS attestor until upgraded. | ||||
| CVE-2025-62371 | 1 Opensearch | 1 Opensearch | 2025-10-21 | 7.4 High |
| OpenSearch Data Prepper is an open source data collector for observability data. In versions prior to 2.12.2, the OpenSearch sink and source plugins in Data Prepper trust all SSL certificates by default when no certificate path is provided. Prior to this fix, the OpenSearch sink and source plugins would automatically use a trust all SSL strategy when connecting to OpenSearch clusters if no certificate path was explicitly configured. This behavior bypasses SSL certificate validation, potentially allowing attackers to intercept and modify data in transit through man-in-the-middle attacks. The vulnerability affects connections to OpenSearch when the cert parameter is not explicitly provided. This issue has been patched in version 2.12.2. As a workaround, users can add the cert parameter to their OpenSearch sink or source configuration with the path to the cluster's CA certificate. | ||||
| CVE-2025-11695 | 1 Mongodb | 1 Rust-driver | 2025-10-21 | 8 High |
| When tlsInsecure=False appears in a connection string, certificate validation is disabled. This vulnerability affects MongoDB Rust Driver versions prior to v3.2.5. | ||||
| CVE-2025-50944 | 1 Avtech | 1 Eagleeyes(lite) | 2025-10-14 | 8.8 High |
| An issue was discovered in the method push.lite.avtech.com.MySSLSocketFactoryNew.checkServerTrusted in AVTECH EagleEyes 2.0.0. The custom X509TrustManager used in checkServerTrusted only checks the certificate's expiration date, skipping proper TLS chain validation. | ||||
| CVE-2025-5279 | | | 2025-10-14 | 7.5 High |
| When the Amazon Redshift Python Connector is configured with the BrowserAzureOAuth2CredentialsProvider plugin, the driver skips the SSL certificate validation step for the Identity Provider. An insecure connection could allow an actor to intercept the token exchange process and retrieve an access token. This issue has been addressed in driver version 2.1.7. Users should upgrade to address this issue and ensure any forked or derivative code is patched to incorporate the new fixes. | ||||
| CVE-2025-0501 | | | 2025-10-14 | 7.5 High |
| An issue in the native clients for Amazon WorkSpaces (when running PCoIP protocol) may allow an attacker to access remote sessions via man-in-the-middle. | ||||
| CVE-2025-0500 | | | 2025-10-14 | 7.5 High |
| An issue in the native clients for Amazon WorkSpaces (when running Amazon DCV protocol), Amazon AppStream 2.0, and Amazon DCV Clients may allow an attacker to access remote sessions via man-in-the-middle. | ||||
| CVE-2025-55109 | 1 Bmc | 2 Control-m/agent, Control-m\/agent | 2025-10-10 | 9 Critical |
| An authentication bypass vulnerability exists in the out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 and potentially earlier unsupported versions when using an empty or default kdb keystore or a default PKCS#12 keystore. A remote attacker with access to a signed third-party or demo certificate for client authentication can bypass the need for a certificate signed by the certificate authority of the organization during authentication on the Control-M/Agent. The Control-M/Agent contains hardcoded certificates which are only trusted as fallback if an empty kdb keystore is used; they are never trusted if a PKCS#12 keystore is used. All of these certificates are now expired. In addition, the Control-M/Agent default kdb and PKCS#12 keystores contain trusted third-party certificates (external recognized CAs and default self-signed demo certificates) which are trusted for client authentication. | ||||
| CVE-2023-4586 | 2 Infinispan, Redhat | 3 Hot Rod, Data Grid, Jboss Data Grid | 2025-10-09 | 7.4 High |
| A vulnerability was found in the Hot Rod client. This security issue occurs as the Hot Rod client does not enable hostname validation when using TLS, possibly resulting in a man-in-the-middle (MITM) attack. | ||||
| CVE-2024-42193 | 1 Hcltech | 1 Bigfix Platform | 2025-10-09 | 8.1 High |
| HCL BigFix Web Reports' service communicates over HTTPS but exhibits a weakness in its handling of SSL certificate validation. This scenario presents a possibility of man-in-the-middle (MITM) attacks and data exposure as, if exploited, this vulnerability could potentially lead to unauthorized access. | ||||
| CVE-2025-34235 | 2 Microsoft, Vasion | 3 Windows, Virtual Appliance Application, Virtual Appliance Host | 2025-10-09 | 7.8 High |
| Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 (Windows client deployments) contain a registry key that can be enabled by administrators, causing the client to skip SSL/TLS certificate validation. An attacker who can intercept HTTPS traffic can then inject malicious driver DLLs, resulting in remote code execution with SYSTEM privileges; a local attacker can achieve local privilege escalation via a junction‑point DLL injection. This vulnerability has been confirmed to be remediated, but it is unclear as to when the patch was introduced. | ||||
| CVE-2025-61778 | 1 Akkadotnet | 1 Akka.net | 2025-10-08 | N/A |
| Akka.NET is a .NET port of the Akka project from the Scala / Java community. In all versions of Akka.Remote from v1.2.0 to v1.5.51, TLS could be enabled via our `akka.remote.dot-netty.tcp` transport and this would correctly enforce private key validation on the server-side of inbound connections. Akka.Remote, however, never asked the outbound-connecting client to present ITS certificate - therefore it's possible for untrusted parties to connect to a private key'd Akka.NET cluster and begin communicating with it without any certificate. The issue here is that for certificate-based authentication to work properly, ensuring that all members of the Akka.Remote network are secured with the same private key, Akka.Remote needed to implement mutual TLS. This was not the case before Akka.NET v1.5.52. Those who run Akka.NET inside a private network that they fully control or who were never using TLS in the first place are now affected by the bug. However, those who use TLS to secure their networks must upgrade to Akka.NET V1.5.52 or later. One patch forces "fail fast" semantics if TLS is enabled but the private key is missing or invalid. Previous versions would only check that once connection attempts occurred. The second patch, a critical fix, enforces mutual TLS (mTLS) by default, so both parties must be keyed using the same certificate. As a workaround, avoid exposing the application publicly to avoid the vulnerability having a practical impact on one's application. However, upgrading to version 1.5.52 is still recommended by the maintainers. | ||||
| CVE-2025-58124 | 2 Checkmk, Heinlein-support | 2 Checkmk, Check Mk Python Api | 2025-10-07 | 4.8 Medium |
| Improper Certificate Validation in Checkmk Exchange plugin check-mk-api allows attackers in MitM position to intercept traffic. | ||||
| CVE-2025-34199 | 2 Printerlogic, Vasion | 4 Vasion Print, Virtual Appliance, Virtual Appliance Application and 1 more | 2025-10-02 | 8.1 High |
| Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.1049 and Application versions prior to 20.0.2786 (VA and SaaS deployments) contain insecure defaults and code patterns that disable TLS/SSL certificate verification for communications to printers and internal microservices. In multiple places, the application sets libcurl/PHP transport options such that CURLOPT_SSL_VERIFYHOST and CURLOPT_SSL_VERIFYPEER are effectively disabled, and environment variables (for example API_*_VERIFYSSL=false) are used to turn off verification for gateway and microservice endpoints. As a result, the client accepts TLS connections without validating server certificates (and, in some cases, uses clear-text HTTP), permitting on-path attackers to perform man-in-the-middle (MitM) attacks. An attacker able to intercept network traffic between the product and printers or microservices can eavesdrop on and modify sensitive data (including print jobs, configuration, and authentication tokens), inject malicious payloads, or disrupt service. This vulnerability has been identified by the vendor as: V-2024-024 — Insecure Communication to Printers & Microservices. | ||||
| CVE-2024-54846 | 1 Cpplusworld | 2 Cp-vnr-3104, Cp-vnr-3104 Firmware | 2025-10-02 | 5.9 Medium |
| An issue in CP Plus CP-VNR-3104 B3223P22C02424 allows attackers to obtain the EC private key and access sensitive data or execute a man-in-the-middle attack. | ||||
| CVE-2024-54847 | 1 Cpplusworld | 2 Cp-vnr-3104, Cp-vnr-3104 Firmware | 2025-10-02 | 5.9 Medium |
| An issue in CP Plus CP-VNR-3104 B3223P22C02424 allows attackers to access the Diffie-Hellman (DH) parameters and access sensitive data or execute a man-in-the-middle attack. | ||||
| CVE-2024-54848 | 1 Cpplusworld | 2 Cp-vnr-3104, Cp-vnr-3104 Firmware | 2025-10-02 | 7.4 High |
| Improper handling and storage of certificates in CP Plus CP-VNR-3104 B3223P22C02424 allow attackers to decrypt communications or execute man-in-the-middle attacks. | ||||
| CVE-2024-54849 | 1 Cpplusworld | 2 Cp-vnr-3104, Cp-vnr-3104 Firmware | 2025-10-02 | 5.9 Medium |
| An issue in CP Plus CP-VNR-3104 B3223P22C02424 allows attackers to obtain the second RSA private key and access sensitive data or execute a man-in-the-middle attack. | ||||
| CVE-2024-5918 | 1 Paloaltonetworks | 1 Pan-os | 2025-10-01 | 4.3 Medium |
| An improper certificate validation vulnerability in Palo Alto Networks PAN-OS software enables an authorized user with a specially crafted client certificate to connect to an impacted GlobalProtect portal or GlobalProtect gateway as a different legitimate user. This attack is possible only if you "Allow Authentication with User Credentials OR Client Certificate." | ||||
| CVE-2025-39205 | | | 2025-10-01 | 6.5 Medium |
| A vulnerability exists in the IEC 61850 in MicroSCADA X SYS600 product. The certificate validation of the TLS protocol allows a remote Man-in-the-Middle attack due to missing proper validation. | ||||