CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

OSV•added 2026/02/05 3:20 a.m.•1 views

GO-2026-4397 OpenList has Insecure TLS Default Configuration in github.com/OpenListTeam/OpenList

OpenList has Insecure TLS Default Configuration in github.com/OpenListTeam/OpenList...

8.1CVSS5.3AI score0.00014EPSS

Exploits0References5

Cvelist•added 2026/02/03 6:16 p.m.•24 views

CVE-2025-52631 HCL AION is affected by a Missing or Insecure HTTP Strict-Transport-Security (HSTS) Header vulnerability.

HCL AION is affected by a Missing or Insecure HTTP Strict-Transport-Security HSTS Header vulnerability. This can allow insecure connections, potentially exposing the application to man-in-the-middle and protocol downgrade attacks.. This issue affects AION: 2.0...

3.7CVSS0.00064EPSS

Exploits0References1

Tenable Nessus•added 2025/11/20 12:0 a.m.•4 views

TencentOS Server 4: perl-HTTP-Tiny (TSSA-2024:0938)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0938 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

8.1CVSS7.1AI score0.00767EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-54864

Malicious code in bioql PyPI...

6.4CVSS6.5AI score0.00013EPSS

Exploits0References1

Positive Technologies•added 2025/09/23 12:0 a.m.•3 views

PT-2025-39149

Name of the Vulnerable Software and Affected Versions CleverControl versions prior to 11.5.1041.6 Description The software does not validate TLS server certificates during installation. The installer uses curl.exe --insecure to download and execute external components, allowing a man-in-the-middl...

6.5CVSS7.7AI score0.0042EPSS

Exploits0References9

Positive Technologies•added 2025/08/12 12:0 a.m.•3 views

PT-2025-32644 · Smartclient · Smartclient Opcenter Ql Home +2

Name of the Vulnerable Software and Affected Versions: SmartClient Opcenter QL Home SC versions 13.2 through 2505 SmartClient SOA Audit versions 13.2 through 2505 SmartClient SOA Cockpit versions 13.2 through 2505 Description: The affected application supports insecure TLS 1.0 and 1.1 protocols...

6.4CVSS6.2AI score0.00013EPSS

Exploits0References4

CNNVD•added 2025/08/12 12:0 a.m.•1 views

Siemens多款产品加密问题漏洞

Siemens SmartClient modules Opcenter QL Home is a client module from Siemens Germany. A vulnerability exists in various Siemens products due to an encryption issue that stems from support for the insecure TLS protocol, which could lead to a man-in-the-middle attack. The following products and...

6.8CVSS6.4AI score0.00013EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 3:17 a.m.•2 views

CVE-2023-23131

Selfwealth iOS mobile App 3.3.1 is vulnerable to Insecure App Transport Security ATS Settings...

7.5CVSS6.8AI score0.00265EPSS

Exploits0References1

OSV•added 2023/02/01 2:15 p.m.•0 views

CVE-2023-23131

Selfwealth iOS mobile App 3.3.1 is vulnerable to Insecure App Transport Security ATS Settings...

7.5CVSS7.1AI score0.00265EPSS

Exploits0References1

Positive Technologies•added 2023/02/01 12:0 a.m.•2 views

PT-2023-18851 · Selfwealth · Selfwealth Ios Mobile App

Name of the Vulnerable Software and Affected Versions: Selfwealth iOS mobile App version 3.3.1 Description: The issue concerns Insecure App Transport Security ATS Settings in the Selfwealth iOS mobile App. This means the app may not properly secure its communication, potentially allowing for...

7.5CVSS7.2AI score0.00265EPSS

Exploits0References4

NVD•added 2021/12/21 5:15 p.m.•9 views

CVE-2021-36337

Dell Wyse Management Suite version 3.3.1 and prior support insecure Transport Security Protocols TLS 1.0 and TLS 1.1 which are susceptible to Man-In-The-Middle attacks thereby compromising Confidentiality and Integrity of data...

7.4CVSS0.001EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by