Lucene search
+L

1081 matches found

NVD
NVD
added 2 days ago6 views

CVE-2026-15925

Improper TLS hostname verification in Snowflake Connector for Python versions prior to 4.7.1 and 3.18.1 may have allowed a network-positioned attacker to bypass certificate hostname validation on HTTPS connections made by the connector. An attacker with on-path network access could exploit this b...

9.2CVSS0.00177EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago34 views

CVE-2026-15925 Improper TLS Hostname Verification in Snowflake Connector for Python

Improper TLS hostname verification in Snowflake Connector for Python versions prior to 4.7.1 and 3.18.1 may have allowed a network-positioned attacker to bypass certificate hostname validation on HTTPS connections made by the connector. An attacker with on-path network access could exploit this b...

9.2CVSS0.00177EPSS
Exploits0References2
EUVD
EUVD
added 2 days ago7 views

EUVD-2026-44869

Improper TLS hostname verification in Snowflake Connector for Python versions prior to 4.7.1 and 3.18.1 may have allowed a network-positioned attacker to bypass certificate hostname validation on HTTPS connections made by the connector. An attacker with on-path network access could exploit this b...

9.2CVSS6.2AI score0.00177EPSS
Exploits0References2
CVE
CVE
added 2 days ago23 views

CVE-2026-15925

The CVE-2026-15925 entry describes an Improper TLS hostname verification vulnerability in Snowflake Connector for Python and affects versions prior to 4.7.1. An on-path attacker who can intercept traffic could bypass hostname validation during HTTPS connections by presenting a certificate from an...

9.2CVSS6.2AI score0.00177EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2 days ago9 views

PT-2026-60425

Name of the Vulnerable Software and Affected Versions Snowflake Connector for Python versions prior to 4.7.1 Snowflake Connector for Python versions prior to 3.18.1 Description Improper TLS hostname verification allows a network-positioned attacker to bypass certificate hostname validation on HTT...

9.2CVSS6.1AI score0.00177EPSS
Exploits0References6
IBM Security Bulletins
IBM Security Bulletins
added 4 days ago6 views

Security Bulletin: IBM SPSS Modeler is affected by multiple vulnerabilities in DataView

Summary IBM SPSS Modeler is affected by multiple vulnerabilities in DataView. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2023-44981 DESCRIPTION: Authorization Bypass Through User-Controlled Key vulnerability in Apache ZooKeeper. If SASL Quorum Peer...

9.1CVSS7.5AI score0.02667EPSS
Exploits2Affected Software1
RedHat Linux
RedHat Linux
added 5 days ago9 views

crypto/x509: golang: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries

A flaw was found in the crypto/x509 package of golang. This vulnerability allows a remote attacker to cause a Denial of Service DoS by presenting a specially crafted X.509 certificate with a large number of DNS Subject Alternative Name SAN entries. The certificate verification process, specifical...

7.5CVSS6.9AI score0.00939EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 5 days ago3 views

The vulnerability of the gnutls_x509_crt_check_hostname2() function in the lib/x509/hostname-verify.c file, lines 111,245–265, of the GnuTLS cryptographic library allows a attacker to replace the server and gain unauthorized access to protected information.

The vulnerability of the gnutlsx509crtcheckhostname2 function in the lib/x509/hostname-verify.c file at line 111,245-265 of the GnuTLS cryptographic library is related to errors in the certificate validation process. Exploiting this vulnerability could allow an attacker to replace the server and...

8.5CVSS6.1AI score0.00354EPSS
Exploits0References27Affected Software8
BDU FSTEC
BDU FSTEC
added 5 days ago3 views

The vulnerability of the gnutls_x509_crt_check_hostname2() function in the lib/x509/hostname-verify.c file of the GnuTLS cryptographic library allows a attacker to perform a MITM attack.

The vulnerability of the gnutlsx509crtcheckhostname2 function in the lib/x509/hostname-verify.c file of the GnuTLS cryptographic library is related to errors in the certificate validation process. Exploiting this vulnerability could allow a remote attacker to perform a MITM attack...

8.5CVSS6.1AI score0.00423EPSS
Exploits0References28Affected Software8
RedHat Linux
RedHat Linux
added 2026/07/09 3:29 p.m.7 views

netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass

A flaw was found in Netty, a network application framework. This vulnerability allows a remote attacker to bypass hostname verification due to improper handling of user-supplied trust managers. When a client is configured with a plain X.509 Trust Manager X509TrustManager, it fails to perform...

7.5CVSS7AI score0.00269EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/07/09 6:26 a.m.37 views

CVE-2026-47840 LDAP StartTLS unconditionally disables hostname verification

A network attacker positioned between UAA and its LDAP directory can impersonate the directory using any certificate from any trusted CA, then harvest the LDAP bind password and every end-user password sent during simple-bind authentication, and return forged group memberships that grant themselv...

9.3CVSS0.00132EPSS
Exploits0References1
CVE
CVE
added 2026/07/09 6:26 a.m.13 views

CVE-2026-47840

CVE-2026-47840 concerns LDAP StartTLS with UAA: a network attacker between UAA and its LDAP directory can impersonate the directory using any trusted certificate, harvest LDAP bind passwords and end-user passwords during simple-bind, and return forged group memberships that grant admin scopes. Af...

9.3CVSS6AI score0.00132EPSS
Exploits0References1
Amazon
Amazon
added 2026/07/08 12:0 a.m.6 views

Medium: containerd

Issue Overview: x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN entries. This caused strings.Splithost, "." to execute repeatedly on the same input hostname. With a large DNS SAN list, verification costs scaled quadratically bas...

7.5CVSS6.9AI score0.00939EPSS
Exploits0
Amazon
Amazon
added 2026/07/08 12:0 a.m.5 views

Important: ecs-init

Issue Overview: Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service. CVE-2026-25680 Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt ...

9.6CVSS7AI score0.00939EPSS
Exploits0
Amazon
Amazon
added 2026/07/08 12:0 a.m.6 views

Medium: containerd

Issue Overview: x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN entries. This caused strings.Splithost, "." to execute repeatedly on the same input hostname. With a large DNS SAN list, verification costs scaled quadratically bas...

7.5CVSS6.9AI score0.00939EPSS
Exploits0
Amazon
Amazon
added 2026/07/08 12:0 a.m.5 views

Important: docker

Issue Overview: x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN entries. This caused strings.Splithost, "." to execute repeatedly on the same input hostname. With a large DNS SAN list, verification costs scaled quadratically bas...

7.5CVSS7.5AI score0.00939EPSS
Exploits0
Amazon
Amazon
added 2026/07/08 12:0 a.m.5 views

Important: docker

Issue Overview: x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN entries. This caused strings.Splithost, "." to execute repeatedly on the same input hostname. With a large DNS SAN list, verification costs scaled quadratically bas...

7.5CVSS7.5AI score0.00939EPSS
Exploits0
Amazon
Amazon
added 2026/07/08 12:0 a.m.6 views

Important: docker

Issue Overview: x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN entries. This caused strings.Splithost, "." to execute repeatedly on the same input hostname. With a large DNS SAN list, verification costs scaled quadratically bas...

7.5CVSS7.5AI score0.00939EPSS
Exploits0
Cloud Foundry
Cloud Foundry
added 2026/07/08 12:0 a.m.8 views

CVE-2026-47840 - LDAP StartTLS unconditionally disables hostname verification | Cloud Foundry

Severity High CVSS score: 8.3 High CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N CVSS score: 7.5 High CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:N/RL:O Vendor CloudFoundry Foundation Versions Affected Severity is High unless otherwise noted. UAA All versions prior to v78.13.0...

9.3CVSS6AI score0.00132EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/07/07 6:15 p.m.7 views

crypto/x509: golang: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries

A flaw was found in the crypto/x509 package of golang. This vulnerability allows a remote attacker to cause a Denial of Service DoS by presenting a specially crafted X.509 certificate with a large number of DNS Subject Alternative Name SAN entries. The certificate verification process, specifical...

7.5CVSS6AI score0.00939EPSS
Exploits0References8
Rows per page
Query Builder