Lucene search
50 matches found

EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2007-0399

Malware in sbrugna...

CVSS 6.4, AI score 6.4, EPSS 0.0281
Exploits: 0, References: 9

Qualys Blog
added 2025/04/24 5:0 p.m., 17 views

Shrinking Lifespans, Growing Risk: The Final Certificate Countdown

Recent Developments Severely Shorten Certificate Lifespans. The SSL/TLS ecosystem is shifting rapidly and not in a way that favors already stretched teams. Historically, certificates could be valid for up to 10 years. Certificates now face drastically shorter lifespans. DigiCert and other major...

AI score 7.1
Exploits: 0

RedhatCVE
added 2024/11/04 8:0 a.m., 21 views

CVE-2024-51774

A flaw was found in qBittorrent's DownloadManager component. This vulnerability allows remote code execution via improper validation of SSL/TLS certificates, enabling attackers to perform man-in-the-middle and RCE attacks...

CVSS 8.1, AI score 7.6, EPSS 0.03295
Exploits: 2, References: 6

Veracode
added 2024/09/10 5:36 a.m., 7 views

Insecure HTTPS Connections

nategood/httpful is vulnerable to Insecure HTTPS Connections. The vulnerability is due to the lack of built-in certificate validation mechanisms in the Httpful library, which fails to enforce the proper verification of SSL/TLS certificates by default. It allows attackers to intercept and manipula...

AI score 7
Exploits: 0

NVD
added 2024/08/12 1:38 p.m., 15 views

CVE-2024-5445

Ecosystem Agent version 4 4.1.5.2597 and Ecosystem Agent version 5 5.1.4.2473 did not properly validate SSL/TLS certificates, which could allow a malicious actor to perform a Man-in-the-Middle and intercept traffic between the agent and N-able servers from a privileged network position...

CVSS 3.8, EPSS 0.00295
Exploits: 0, References: 3

Cvelist
added 2024/08/08 10:4 p.m., 30 views

CVE-2024-5445 Ecosystem Agent Insufficient Transport Layer Security

Ecosystem Agent version 4 4.1.5.2597 and Ecosystem Agent version 5 5.1.4.2473 did not properly validate SSL/TLS certificates, which could allow a malicious actor to perform a Man-in-the-Middle and intercept traffic between the agent and N-able servers from a privileged network position...

CVSS 3.8, EPSS 0.00295
Exploits: 0, References: 3

Ubuntu
added 2024/08/08 7:21 p.m., 38 views

USN-6948-1: Salt vulnerabilities

It was discovered that Salt incorrectly handled crafted web requests. A remote attacker could possibly use this issue to run arbitrary commands. CVE-2020-16846 It was discovered that Salt incorrectly created certificates with weak file permissions. CVE-2020-17490 It was discovered that Salt...

CVSS 9.8, AI score 7.3, EPSS 0.99585
Exploits: 13

Tenable Nessus
added 2024/08/08 12:0 a.m., 38 views

Ubuntu 16.04 LTS / 18.04 LTS : Salt vulnerabilities (USN-6948-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6948-1 advisory. It was discovered that Salt incorrectly handled crafted web requests. A remote attacker could possibly use this issue to run arbitrary...

CVSS 9.8, AI score 7.5, EPSS 0.99585
Exploits: 13, References: 13

Imperva Blog
added 2024/07/19 6:50 p.m., 6 views

On Entrust? Imperva has your back!

Managing SSL/TLS certificates is a critical yet complex task for any organization. Certificates ensure secure communication between users and your web applications, but maintaining them involves constant vigilance and expertise. From monitoring expiration dates to renewing and deploying new...

AI score 7.1
Exploits: 0

Kitploit
added 2024/03/18 11:30 a.m., 757 views

Shodan Dorks

Shodan Dorks by twitter.com/lothos612 Feel free to make suggestions Shodan Dorks Basic Shodan Filters city: Find devices in a particular city. city:"Bangalore" country: Find devices in a particular country. country:"IN" geo: Find devices by giving geographical coordinates...

CVSS 10, AI score 7.7, EPSS 0.99335
Exploits: 16, References: 1

OpenVAS
added 2021/10/08 12:0 a.m., 30 views

Jenkins < 2.303.2, < 2.315 HTTP Library Vulnerability - Linux

Jenkins is prone to a vulnerability in the bundled version of commons-httpclient library. Copyright (C) 2021 Greenbone Networks GmbH. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later Th...

CVSS 5.8, AI score 6.5, EPSS 0.09149
Exploits: 1, References: 1

The Hacker News
added 2020/09/01 9:51 a.m., 24 views

Maximum Lifespan of SSL/TLS Certificates is 398 Days Starting Today

Starting today, the lifespan of new TLS certificates will be limited to 398 days, a little over a year, from the previous maximum certificate lifetime of 27 months (825 days). In a move that's meant to boost security, Apple, Google, and Mozilla are set to reject publicly rooted digital certificates...

Exploits: 0

NVD
added 2020/02/28 11:15 p.m., 19 views

CVE-2015-3006

On the QFX3500 and QFX3600 platforms, the number of bytes collected from the RANDOM_INTERRUPT entropy source when the device boots up is insufficient, possibly leading to weak or duplicate SSH keys or self-signed SSL/TLS certificates. Entropy increases after the system has been up and running for...

CVSS 6.8, AI score 6.6, EPSS 0.00771
Exploits: 0, References: 1

CVE
added 2020/02/28 10:26 p.m., 135 views

CVE-2015-3006

CVE-2015-3006 applies to Juniper Junos OS on QFX3500 and QFX3600 switches. The described vulnerability is an entropy issue: during boot the device collects too few bytes from the RANDOM_INTERRUPT entropy source, which can lead to weak or duplicate SSH keys and self-signed SSL/TLS certificates. En...

CVSS 6.8, AI score 6.6, EPSS 0.00771
Exploits: 0, References: 1, Affected Software: 1

OpenVAS
added 2020/01/23 12:0 a.m., 42 views

Huawei EulerOS: Security Advisory for openssl098e (EulerOS-SA-2019-1980)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5, AI score 7.4, EPSS 0.98685
Exploits: 1, References: 2

Tenable Nessus
added 2019/09/17 12:0 a.m., 242 views

EulerOS 2.0 SP2 : openssl098e (EulerOS-SA-2019-1861)

According to the versions of the openssl098e package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An integer underflow flaw, leading to a buffer overflow, was found in the way OpenSSL decoded malformed Base64-encoded inputs. An attacker...

CVSS 10, AI score 8.2, EPSS 0.77906
Exploits: 3, References: 10

Tenable Nessus
added 2019/05/14 12:0 a.m., 29 views

EulerOS Virtualization for ARM 64 3.0.1.0 : libvirt (EulerOS-SA-2019-1394)

According to the versions of the libvirt packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest ...

CVSS 8.1, AI score 6.9, EPSS 0.03236
Exploits: 0, References: 5

Tenable Nessus
added 2019/05/14 12:0 a.m., 44 views

EulerOS Virtualization 3.0.1.0 : libvirt (EulerOS-SA-2019-1456)

According to the versions of the libvirt packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to...

CVSS 8.1, AI score 6.9, EPSS 0.03236
Exploits: 1, References: 6

ThreatPost
added 2019/03/06 8:1 a.m., 134 views

RSAC 2019: TLS Markets Flourish on the Dark Web

SAN FRANCISCO – Thriving marketplaces for TLS certificates have emerged on the Dark Web, which are hawking the certs both as individual goods and packaged with an array of malware and other ancillary services. The research, from Venafi, the University of Surrey and the Evidence-based Cybersecurit...

Exploits: 0, References: 2

Tenable Nessus
added 2018/02/21 12:0 a.m., 46 views

Ubuntu 14.04 LTS / 16.04 LTS : libvirt vulnerabilities (USN-3576-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3576-1 advisory. Vivian Zhang and Christoph Anton Mitterer discovered that libvirt incorrectly disabled password authentication when the VNC password was set ...

CVSS 9.8, AI score 7.1, EPSS 0.03623
Exploits: 0, References: 5