Lucene search
K

5 matches found

RedHat Linux
RedHat Linux
added 2026/06/30 3:47 p.m.4 views

net-imap: ruby: Net::IMAP: Information disclosure via man-in-the-middle attack bypassing TLS

A flaw was found in the Ruby net-imap library. When upgrading a cleartext IMAP connection to TLS using the Net::IMAPstarttls method, the library improperly handles certain responses received during STARTTLS negotiation. A man-in-the-middle MITM attacker can inject a predicted tagged OK response...

7.6CVSS5.7AI score0.00324EPSS
Exploits0References12
CNNVD
CNNVD
added 2025/07/02 12:0 a.m.4 views

GFI Kerio Control 安全漏洞

GFI Kerio Control is a Unified Threat Management UTM solution from GFI Malta. The product includes features such as virus protection, web content filtering and application filtering. A security vulnerability exists in GFI Kerio Control version 9.4.5, which stems from an insecure upgrade mechanism...

9.8CVSS7.8AI score0.00701EPSS
Exploits1References2
CNVD
CNVD
added 2023/06/06 12:0 a.m.3 views

Dell EMC SCG Policy Manager Information Disclosure Vulnerability

Dell EMC SCG Policy Manager is a secure connectivity gateway policy manager from Dell, Inc. An information disclosure vulnerability exists in Dell EMC SCG Policy Manager version 5.14, which stems from insufficient protection of sensitive information in the upgrade path from SRS to SCG, and can be...

6.5CVSS6.4AI score0.00338EPSS
Exploits0References1
curl security advisories
curl security advisories
added 2023/02/15 8:0 a.m.11 views

HSTS amnesia with --parallel

curl's HSTS cache saving behaves wrongly when multiple URLs are requested in parallel. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. This HSTS mechanism would however surprisingly fail when...

6.5CVSS6.8AI score0.00861EPSS
Exploits0References1Affected Software2
CNNVD
CNNVD
added 2022/04/12 12:0 a.m.4 views

Jenkins promoted builds Plugin 跨站脚本漏洞

Jenkins is a Jenkins open source application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.The Jenkins promoted builds Plugin is vulnerable to an input validation error that could be exploited by an attacker to...

5.4CVSS5.6AI score0.00784EPSS
Exploits0References4
Rows per page
Query Builder