Lucene search
+L

4367 matches found

Nuclei
Nuclei
added 11 hours ago41 views

ExponentCMS <= 2.6 - Host Header Injection

An HTTP Host header attack exists in ExponentCMS 2.6 and below in /exponentconstants.php. A modified HTTP header can change links on the webpage to an arbitrary value,leading to a possible attack vector for MITM. id: CVE-2021-38751 info: name: ExponentCMS = 2.6 - Host Header Injection author:...

4.3CVSS5.2AI score0.02468EPSS
Exploits1References5
Cvelist
Cvelist
added 2 days ago38 views

CVE-2024-23573

HCL Aftermarket EPC is vulnerable to attack since the Application is vulnerable to Lucky 13. that makes the SS LLUCKY13 possible affects the TLS1.1and 1.2 and DTLS1.0 or 1.2 implementations . It also affects previous versions such as SSL3.0 and TLS1.0. This can also be considered a type of...

3.7CVSS0.00155EPSS
Exploits0References1
CVE
CVE
added 3 days ago12 views

CVE-2026-35145

HCL DFXAnalytics is reported as affected by a Missing HTTP Strict-Transport-Security Header vulnerability. The issue arises because the application’s web responses do not include the Strict-Transport-Security header, potentially allowing an attacker to downgrade to HTTP and perform MITM attacks. ...

3.1CVSS6.1AI score0.00173EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 3 days ago6 views

Linux Distros Unpatched Vulnerability : CVE-2026-56434

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpssimodule module. This vulnerability may exist when the Server-Side Includes SSI, proxypass,...

8.3CVSS5.5AI score0.00387EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 4 days ago4 views

CVE-2026-56434

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpssimodule module. This vulnerability may exist when the Server-Side Includes SSI, proxypass, and proxybuffering off directives are configured. With this configuration, an unauthenticated attacker with man-in-the-middle MITM abili...

8.3CVSS6.1AI score0.00387EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 4 days ago45 views

CVE-2026-9770 Hardcoded Cryptographic Key Information Disclosure Vulnerability on TP-Link Kasa EC70 and EC71

Kasa EC71 v4 and EC70 v4 firmware contains a static cryptographic private key stored in a read-only filesystem that is shared across devices. An attacker with access to the firmware image can extract the embedded key. Successful exploitation may allow an unauthenticated attacker on the same...

8.6CVSS0.00221EPSS
Exploits0References5
CVE
CVE
added 6 days ago23 views

CVE-2026-58065

The CVE affects the Apache Airflow Git provider when performing git-over-SSH operations with StrictHostKeyChecking=no, which disables SSH host-key verification and enables MITM risk between an Airflow worker and the Git server. Deployments that clone over SSH using a deploy key or involve the Git...

8.1CVSS6.1AI score0.00461EPSS
Exploits0References3Affected Software1
OSV
OSV
added 6 days ago2 views

MAL-2026-10424 Malicious code in terminal-mascot (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f3fdf1ac60d0060cb78970c884bcfa7bb5360d9f700c0f8992b66af09cce22ae [email protected] ships a postinstall script install-check.cjs that resolves a bundle URL from a remote JSON config at...

6.3AI score
Exploits0References3
RedHat Linux
RedHat Linux
added 6 days ago3 views

net-imap: ruby: Net::IMAP: Information disclosure via man-in-the-middle attack bypassing TLS

A flaw was found in the Ruby net-imap library. When upgrading a cleartext IMAP connection to TLS using the Net::IMAPstarttls method, the library improperly handles certain responses received during STARTTLS negotiation. A man-in-the-middle MITM attacker can inject a predicted tagged OK response...

7.6CVSS6AI score0.00324EPSS
Exploits0References12
BDU FSTEC
BDU FSTEC
added 6 days ago3 views

The vulnerability of the function nameconstraints_node_list_intersect() in the lib/x509/name_constraints.c file, lines 726-727, of the cryptographic library GnuTLS, allows a attacker to perform a MIT attack.

The vulnerability of the nameconstraintsnodelistintersect function in the lib/x509/nameconstraints.c file, lines 726-727, of the cryptographic library GnuTLS is related to errors in the certificate validation process. Exploiting this vulnerability could allow an attacker to perform a MITM attack...

7.4CVSS6.1AI score0.00475EPSS
Exploits0References27Affected Software8
SUSE CVE
SUSE CVE
added 2026/07/07 3:21 p.m.8 views

SUSE CVE-2026-9697

Impact: undici's ProxyAgent silently drops the requestTls option when configured with a SOCKS5 proxy URI socks5:// or socks://. The target HTTPS connection through the SOCKS5 tunnel falls back to Node's default trust store, ignoring user-configured ca, cert, key, rejectUnauthorized, and servernam...

7.4CVSS6AI score0.00476EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/07/07 12:0 a.m.15 views

Linux Distros Unpatched Vulnerability : CVE-2026-54291

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pgjdbc is an open source postgresql JDBC Driver. In releases 42.7.4 through 42.7.11, channelBinding=require connections can be silently downgraded from...

8.2CVSS6.1AI score0.00236EPSS
Exploits0References3
NVD
NVD
added 2026/07/06 7:17 p.m.12 views

CVE-2026-54291

pgjdbc is an open source postgresql JDBC Driver. In releases 42.7.4 through 42.7.11, channelBinding=require connections can be silently downgraded from SCRAM-SHA-256-PLUS with channel binding to plain SCRAM-SHA-256 without it, losing the man-in-the-middle protection the setting is meant to...

8.2CVSS0.00236EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/07/03 3:11 p.m.8 views

CVE-2026-14612

Two off-by-one errors in the FreeIPA ipa-otpd daemon's OAuth2 device authorization handler can cause out-of-bounds memory access when processing an oversized response from a configured external OAuth2/OIDC Identity Provider. An attacker who controls or can man-in-the-middle the IdP endpoint may b...

4.2CVSS6AI score0.00142EPSS
Exploits0References3
Snyk
Snyk
added 2026/07/01 9:51 p.m.4 views

Not Failing Securely ('Failing Open')

Overview Affected versions of this package are vulnerable to Not Failing Securely 'Failing Open' in the TlsServerEndpoint process when a server presents an X.509 certificate using a modern signature algorithm lacking traditional naming structures. An attacker can bypass strict client-side...

8.2CVSS6AI score0.0026EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/30 5:41 p.m.7 views

net-imap: ruby: Net::IMAP: Information disclosure via man-in-the-middle attack bypassing TLS

A flaw was found in the Ruby net-imap library. When upgrading a cleartext IMAP connection to TLS using the Net::IMAPstarttls method, the library improperly handles certain responses received during STARTTLS negotiation. A man-in-the-middle MITM attacker can inject a predicted tagged OK response...

7.6CVSS5.7AI score0.00324EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.12 views

RHEL 9 : ruby (RHSA-2026:33512)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:33512 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...

7.6CVSS5.8AI score0.00813EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.7 views

FreeBSD : PostgresSQL JDBC -- Silent channel-binding authentication downgrade via unsupported certificate algorithms (7701f760-745c-11f1-bc50-6cc21735f730)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 7701f760-745c-11f1-bc50-6cc21735f730 advisory. PostgreSQL project reports: channelBinding=require connections can be silently downgraded from...

8.2CVSS6.2AI score0.00236EPSS
Exploits0References3
Hacker One
Hacker One
added 2026/06/26 8:40 a.m.24 views

curl: mbedTLS / wolfSSL / rustls backends silently skip hostname verification when CURLOPT_SSL_VERIFYPEER=0

Summary When an application sets CURLOPTSSLVERIFYPEER=0 while keeping CURLOPTSSLVERIFYHOST=2 the default, the mbedTLS, wolfSSL, and rustls TLS backends silently skip the hostname-vs-certificate check. The OpenSSL, GnuTLS, and Schannel backends correctly preserve hostname checking under the same...

6.1AI score
Exploits0
CVE
CVE
added 2026/06/22 3:43 p.m.29 views

CVE-2026-12249

Canonical ADSys upstream versions up to v0.16.2 expose a flaw in AD CS auto-enrollment where the vendored Samba client uses plaintext HTTP (GETCACert) to fetch the CA certificate, enabling a network attacker in a MITM position to supply an attacker-controlled Root CA. This leads to automatic enro...

9.5CVSS6AI score0.00111EPSS
Exploits0References2
Rows per page
Query Builder