Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Komodia Subscribe
Filtered by product Redirector Sdk
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-2077 1 Komodia 1 Redirector Sdk 2016-12-30 5.0 MEDIUM N/A
The SDK for Komodia Redirector with SSL Digestor, as used in Lavasoft Ad-Aware Web Companion 1.1.885.1766 and Ad-Aware AdBlocker (alpha) 1.3.69.1, Qustodio for Windows, Atom Security, Inc. StaffCop 5.8, and other products, uses the same X.509 certificate private key for a root CA certificate across different customers' installations, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging knowledge of this key, as originally reported for Superfish VisualDiscovery on certain Lenovo Notebook laptop products.
CVE-2015-2078 1 Komodia 1 Redirector Sdk 2015-02-27 5.0 MEDIUM N/A
The SDK for Komodia Redirector with SSL Digestor, as used in Lavasoft Ad-Aware Web Companion 1.1.885.1766 and Ad-Aware AdBlocker (alpha) 1.3.69.1, Qustodio for Windows, Atom Security, Inc. StaffCop 5.8, and other products, does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers, a different vulnerability than CVE-2015-2077.