26 matches found

OSV | added 2026/04/27 5:25 p.m. | 6 views

CLSA-2026-1777310722 openldap: Fix of 15 CVEs

CVE-2019-13565: SASL session encryption SSF not reset on new connection, allowing downgrade - CVE-2020-12243: slapd crash via deeply nested LDAP search filter boolean expressions - CVE-2020-25692: NULL pointer dereference in slapd during modRDN request - CVE-2020-25709: slapd assertion failure...

CVSS 7.5 | AI score 6.8 | EPSS 0.84224 | Exploits 1 | References 1
OSV | added 2026/04/27 3:30 p.m. | 10 views

GHSA-82FM-WPC2-5PMP Apache Storm Prometheus Reporter vulnerable to Improper Certificate Validation via Global SSL Context Downgrade

Improper Certificate Validation via Global SSL Context Downgrade in Apache Storm Prometheus Reporter. Versions Affected: from 2.6.3 to 2.8.6. Description: In production deployments where an administrator enables storm.daemon.metrics.reporter.plugin.prometheus.skiptlsvalidation by default it is...

CVSS 4.8 | AI score 5.8 | EPSS 0.00193 | Exploits 0 | References 4
Snyk | added 2026/04/01 12:0 a.m. | 2 views

Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')

Overview: Affected versions of this package are vulnerable to Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') in the TLS 1.3 session resumption logic if the subsequent ClientHello negotiates TLS 1.2 back. An attacker can gain unauthorized access by impersonating a...

CVSS 9.1 | AI score 5.8 | EPSS 0.00241 | Exploits 0 | References 2
RedhatCVE | added 2026/03/26 3:2 p.m. | 5 views

CVE-2026-32309

Cryptomator encrypts data being stored on cloud infrastructure. Prior to version 1.19.1, the Hub-based unlock flow explicitly supports hub+http and consumes Hub endpoints from vault metadata without enforcing HTTPS. As a result, a vault configuration can drive OAuth and key-loading traffic over...

CVSS 8.7 | AI score 5.8 | EPSS 0.00204 | Exploits 0 | References 1
CVE | added 2026/03/20 6:19 p.m. | 17 views

CVE-2026-32309

Cryptomator (hub-based unlock flow) is affected prior to version 1.19.1. The vault metadata may drive OAuth and key-loading traffic over plaintext HTTP or insecure endpoint schemes instead of HTTPS, enabling a network attacker to observe or tamper with traffic. Bearer tokens and endpoint-level tr...

CVSS 8.7 | AI score 5.8 | EPSS 0.00204 | Exploits 0 | References 2 | Affected Software 1
CNNVD | added 2026/02/10 12:0 a.m. | 6 views

AMD Processors security vulnerability

AMD Processors are a series of processors developed by American semiconductor company AMD. There are security vulnerabilities in AMD Processors, which stem from improper lockpick protection measures. These vulnerabilities may lead to firmware downgrades and loss of integrity. The following produc...

CVSS 6.7 | AI score 5.8 | EPSS 0.00136 | Exploits 0 | References 1
Tenable Nessus | added 2026/01/24 12:0 a.m. | 5 views

SUSE SLES15 Security Update : gpg2 (SUSE-SU-2026:0214-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0214-1 advisory. - CVE-2025-68973: Fix possible memory corruption in the armor parser (gpg.fail/memcpy bsc1255715). - Avoid potential downgrade to SHA1 in 3rd...

CVSS 7.8 | AI score 5.9 | EPSS 0.00129 | Exploits 1 | References 7
SUSE Linux | added 2026/01/22 12:10 p.m. | 8 views

Security update for gpg2

This update for gpg2 fixes the following issues: CVE-2025-68973: Fix possible memory corruption in the armor parser (gpg.fail/memcpy bsc1255715). Avoid potential downgrade to SHA1 in 3rd party key signatures (gpg.fail/sha1 bsc1256246). Error out on unverified output for non-detached signatures...

CVSS 8 | AI score 5.7 | EPSS 0.00129 | Exploits 1 | References 12
OSV | added 2026/01/22 12:9 p.m. | 4 views

SUSE-SU-2026:0214-1 Security update for gpg2

This update for gpg2 fixes the following issues: - CVE-2025-68973: Fix possible memory corruption in the armor parser (gpg.fail/memcpy bsc1255715). - Avoid potential downgrade to SHA1 in 3rd party key signatures (gpg.fail/sha1 bsc1256246). - Error out on unverified output for non-detached signatures...

CVSS 7.8 | AI score 5.8 | EPSS 0.00129 | Exploits 1 | References 6
Tenable Nessus | added 2025/12/29 12:0 a.m. | 5 views

Alibaba Cloud Linux 3 : 0199: curl (ALINUX3-SA-2025:0199)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2025:0199 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-9086: 1. A cookie is set using the secure...

CVSS 7.5 | AI score 6.3 | EPSS 0.01301 | Exploits 1 | References 2
Tenable Nessus | added 2025/11/12 12:0 a.m. | 4 views

EulerOS 2.0 SP10 : curl (EulerOS-SA-2025-2382)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: 1. A cookie is set using the secure keyword for https://target 2. curl is redirected to or otherwise made to speak with http://target (same hostname),...

CVSS 7.5 | AI score 6.4 | EPSS 0.01301 | Exploits 1 | References 2
RedhatCVE | added 2025/09/18 3:27 p.m. | 5 views

CVE-2025-59270

psPAS PowerShell module does not explicitly enforce TLS 1.2 within the 'Get-PASSAMLResponse' function during the SAML authentication process. An unauthenticated attacker in a 'Man-in-the-Middle' position could manipulate the TLS handshake and downgrade TLS to a deprecated protocol. Fixed in 7.0.2...

CVSS 3.1 | AI score 7 | EPSS 0.00221 | Exploits 0 | References 1
Vulnrichment | added 2025/09/16 2:41 p.m. | 3 views

CVE-2025-59270 psPAS does not enforce TLS 1.2 within Get-PASSAMLResponse

psPAS PowerShell module does not explicitly enforce TLS 1.2 within the 'Get-PASSAMLResponse' function during the SAML authentication process. An unauthenticated attacker in a 'Man-in-the-Middle' position could manipulate the TLS handshake and downgrade TLS to a deprecated protocol. Fixed in 7.0.2...

CVSS 3.1 | AI score 6.7 | EPSS 0.00221 | Exploits 0 | References 4
Tenable Nessus | added 2025/09/03 12:0 a.m. | 5 views

Debian dla-4290 : python3-h2 - security update

The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4290 advisory. Debian LTS Advisory DLA-4290-1 [email protected] https://www.debian.org/lts/security/...

CVSS 6.9 | AI score 5.5 | EPSS 0.01596 | Exploits 0 | References 4
RedhatCVE | added 2025/05/23 4:58 a.m. | 17 views

CVE-2023-6529

The WP VR WordPress plugin before 8.3.15 does not have authorisation and CSRF checks in a function hooked to admin_init, allowing unauthenticated users to downgrade the plugin, thus leading to Reflected or Stored XSS, as previous versions have such vulnerabilities...

CVSS 6.1 | AI score 6.8 | EPSS 0.00219 | Exploits 1
OSV | added 2023/12/19 1:8 p.m. | 6 views

USN-6561-1 libssh vulnerability

Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being...

CVSS 5.9 | AI score 6.8 | EPSS 0.9378 | Exploits 4 | References 2
Vulnrichment | added 2023/12/18 12:0 a.m. | 2 views

CVE-2023-48795

The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted from the extension negotiation message, and a client and server may consequently end up with a connecti...

AI score 7 | EPSS 0.9378 | Exploits 4 | References 118
ATTACKERKB | added 2023/03/22 11:0 p.m. | 7 views

CVE-2023-20082

A vulnerability in Cisco IOS XE Software for Cisco Catalyst 9300 Series Switches could allow an authenticated, local attacker with level-15 privileges or an unauthenticated attacker with physical access to the device to execute persistent code at boot time and break the chain of trust. This...

CVSS 6.8 | AI score 6.7 | EPSS 0.00375 | Exploits 0 | References 2
OSV | added 2022/02/04 11:15 p.m. | 4 views

CVE-2018-25029

The Z-Wave specification requires that S2 security can be downgraded to S0 or other less secure protocols, allowing an attacker within radio range during pairing to downgrade and then exploit a different vulnerability, CVE-2013-20003, to intercept and spoof traffic...

CVSS 8.1 | AI score 5.8 | EPSS 0.00616 | Exploits 1 | References 2
RedHat Linux | added 2020/06/11 9:11 a.m. | 1 view

wildfly: The 'enabled-protocols' value in legacy security is not respected if OpenSSL security provider is in use

A flaw was found when an OpenSSL security provider is used with Wildfly: the 'enabled-protocols' value in the Wildfly configuration isn't honored. An attacker could target the traffic sent from Wildfly and downgrade the connection to a weaker version of TLS, potentially breaking the encryption...

CVSS 9.1 | AI score 5.8 | EPSS 0.01068 | Exploits 0 | References 4