7 matches found

Tenable Nessus
added 2026/01/16 12:0 a.m., 2 views

MiracleLinux 4 : wpa_supplicant-0.7.3-6.AXS4 (AXSA:2015-341:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2015-341:01 advisory. wpa_supplicant is a WPA Supplicant for Linux, BSD and Windows with support for WPA and WPA2 (IEEE 802.11i / RSN). Supplicant is the IEEE 802.1X/WPA component tha...

CVSS 4.3 | AI score 6.4 | EPSS 0.07071
Exploits: 0 | References: 2
UbuntuCve
added 2024/03/05 11:15 p.m., 38 views

CVE-2023-45289

When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a...

CVSS 4.3 | AI score 6.7 | EPSS 0.00615
Exploits: 0 | References: 9
CVE
added 2024/03/05 10:22 p.m., 333 views

CVE-2023-45289

CVE-2023-45289 concerns the Go net/http redirect handling: when following an HTTP redirect to a domain that is not a subdomain/exact match of the initial domain, sensitive headers (e.g., Authorization, Cookie) may be forwarded inappropriately. The connected advisories (e.g., ALAS2DOCKER-2024-045,...

CVSS 4.3 | AI score 6.6 | EPSS 0.00615
Exploits: 0 | References: 6
OpenVAS
added 2015/10/06 12:0 a.m., 31 views

Oracle: Security Advisory (ELSA-2015-1439)

The remote host is missing an update for the...

CVSS 4.3 | AI score 5.5 | EPSS 0.07071
Exploits: 0 | References: 2
Tenable Nessus
added 2015/06/12 12:0 a.m., 30 views

Scientific Linux Security Update : wpa_supplicant on SL7.x x86_64 (20150611)

A buffer overflow flaw was found in the way wpa_supplicant handled SSID information in the Wi-Fi Direct / P2P management frames. A specially crafted frame could allow an attacker within Wi-Fi radio range to cause wpa_supplicant to crash or, possibly, execute arbitrary code. (CVE-2015-1863) An integer...

CVSS 5.8 | AI score 6.3 | EPSS 0.08546
Exploits: 0 | References: 3
OSV
added 2013/04/29 10:55 p.m., 2 views

CVE-2013-1944

The tailMatch function in cookie.c in cURL and libcurl before 7.30.0 does not properly match the path domain when sending cookies, which allows remote attackers to steal cookies via a matching suffix in the domain of a URL...

CVSS 5 | AI score 6.3 | EPSS 0.02482
Exploits: 1 | References: 23
RedHat Linux
added 2007/11/13 9:42 a.m., 1 views

Net: HTTP insufficient verification of SSL certificate

The connect method in lib/net/http.rb in the (1) Net::HTTP and (2) Net::HTTPS libraries in Ruby 1.8.5 and 1.8.6 does not verify that the commonName (CN) field in a server certificate matches the domain name in an HTTPS request, which makes it easier for remote attackers to intercept SSL transmissions v...

CVSS 4.3 | AI score 7.2 | EPSS 0.02218
Exploits: 0 | References: 4