Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/12/13 3:2 a.m.3 views

CVE-2025-13052

When the user set the Notification's sender to send emails to the SMTP server via msmtp, an improper validated TLS/SSL certificates allows an attacker who can intercept network traffic between the SMTP client and server to execute a man-in-the-middle MITM attack, which may obtain the sensitive...

7CVSS6.8AI score0.00157EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/12 12:0 a.m.4 views

PT-2025-50802

Name of the Vulnerable Software and Affected Versions ADM versions 4.1.0 through 4.3.3.RKD2 ADM versions 5.0.0 through 5.1.0.RN42 Description An improperly validated TLS/SSL certificate when sending emails to an SMTP server via msmtp allows an attacker intercepting network traffic to execute a...

7CVSS6.7AI score0.00157EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2025/08/26 6:0 p.m.7 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in jinja2-3.1.5-py3-none-any.whl

Summary IBM Watson Discovery Cartridge contains a vulnerable version of jinja2-3.1.5-py3-none-any.whl Vulnerability Details CVEID:CVE-2025-27516 DESCRIPTION: Jinja is an extensible templating engine. Prior to 3.1.6, an oversight in how the Jinja sandboxed environment interacts with the |attr filt...

8.8CVSS7.7AI score0.00465EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/08/26 5:59 p.m.6 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in golang.org/x/net-v0.33.0

Summary IBM Watson Discovery Cartridge contains a vulnerable version of golang.org/x/net-v0.33.0 Vulnerability Details CVEID:CVE-2025-22870 DESCRIPTION: Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NOPROXY environment...

4.4CVSS6.8AI score0.00384EPSS
Exploits2Affected Software1
Positive Technologies
Positive Technologies
added 2022/11/23 12:0 a.m.11 views

PT-2022-26153 · Grails · Grails Spring Security Core Plugin

Name of the Vulnerable Software and Affected Versions: Grails Spring Security Core plugin versions 1.x Grails Spring Security Core plugin versions 2.x Grails Spring Security Core plugin versions 3.0.0 through 3.3.1 Grails Spring Security Core plugin versions 4.0.0 through 4.0.4 Grails Spring...

9.8CVSS9.5AI score0.01693EPSS
Exploits0References9
Rows per page
Query Builder