
145 matches found

EUVD
added 2025/10/07 12:30 a.m. | 8 views

EUVD-2004-0777

Malware in sbrugna...

CVSS 7.5 | AI score 6.4 | EPSS 0.02109
Exploits: 0 | References: 5

EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-1999-0428

Malware in sbrugna...

CVSS 7.5 | AI score 6.4 | EPSS 0.03234
Exploits: 0 | References: 2

RedhatCVE
added 2025/05/22 9:53 a.m. | 13 views

CVE-2011-1643

Cisco Unified Communications Manager aka CUCM, formerly CallManager 6.x, 7.x before 7.15bsu4, 8.0, and 8.5 before 8.51su2 and Cisco Unified Presence Server 6.x, 7.x, 8.0, and 8.5 before 8.5xnr allow remote attackers to read database data by connecting to a query interface through an SSL session,...

CVSS 10 | AI score 6.9 | EPSS 0.01902
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 1:15 a.m. | 8 views

CVE-2013-2770

The installation functionality in the Novell Kanaka component before 2.8 for Novell Open Enterprise Server OES on Mac OS X does not verify the server's X.509 certificate during an SSL session, which allows man-in-the-middle attackers to spoof servers via an arbitrary certificate...

CVSS 5.8 | AI score 6.9 | EPSS 0.00588
Exploits: 0 | References: 1

Cvelist
added 2025/04/02 4:15 p.m. | 21 views

CVE-2025-20212

A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series devices could allow an authenticated, remote attacker to cause a denial of service DoS condition in the Cisco AnyConnect service on an affected device. To exploit this vulnerability, the attacker must...

CVSS 7.7 | EPSS 0.00655
Exploits: 0 | References: 1

Tenable Nessus
added 2025/03/28 12:0 a.m. | 25 views

Amazon Linux 2 : nginx (ALASNGINX1-2025-008)

The version of nginx installed on the remote host is prior to 1.26.3-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2NGINX1-2025-008 advisory. When multiple server blocks are configured to share the same IP address and port, an attacker can use session resumption to...

CVSS 5.3 | AI score 5.6 | EPSS 0.02557
Exploits: 0 | References: 4

Tenable Nessus
added 2025/03/04 12:0 a.m. | 8 views

Linux Distros Unpatched Vulnerability : CVE-2015-0564

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer underflow in the ssldecryptrecord function in epan/dissectors/packet-ssl-utils.c in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allows remot...

CVSS 5 | AI score 6.5 | EPSS 0.02775
Exploits: 0 | References: 2

Tenable Nessus
added 2025/02/15 12:0 a.m. | 18 views

Fedora 40 : nginx / nginx-mod-fancyindex / nginx-mod-modsecurity / etc (2025-016ed44ddc)

The remote Fedora 40 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-016ed44ddc advisory. Changes with nginx 1.26.3 05 Feb 2025 Security: insufficient check in virtual servers handling with TLSv1.3 SNI allowed to reuse SSL sessions in a different...

CVSS 5.3 | AI score 5.5 | EPSS 0.02557
Exploits: 0 | References: 2

Tenable Nessus
added 2025/02/12 12:0 a.m. | 16 views

Nginx 1.27.x < 1.27.4 SSL Session Reuse

According to its Server response header, the installed version of nginx is from 1.11.4 to 1.26.2 or 1.27.x prior to 1.27.4. It is, therefore, affected by a SSL session reuse vulnerability due to insufficient check in virtual servers handling with TLSv1.3 SNI allowed to reuse SSL sessions in a...

CVSS 5.3 | AI score 7.2 | EPSS 0.02557
Exploits: 0 | References: 3

Tenable Nessus
added 2025/02/12 12:0 a.m. | 10 views

Nginx 1.11.4 < 1.26.3 SSL Session Reuse

According to its Server response header, the installed version of nginx is from 1.11.4 to 1.26.2 or 1.27.x prior to 1.27.4. It is, therefore, affected by a SSL session reuse vulnerability due to insufficient check in virtual servers handling with TLSv1.3 SNI allowed to reuse SSL sessions in a...

CVSS 5.3 | AI score 7.2 | EPSS 0.02557
Exploits: 0 | References: 3

Tenable Nessus
added 2025/02/10 12:0 a.m. | 11 views

Azure Linux 3.0 Security Update: curl (CVE-2024-0853)

The version of curl installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-0853 advisory. - curl inadvertently kept the SSL session ID for connections in its cache even when the verify status OCSP stapli...

CVSS 5.3 | AI score 6.4 | EPSS 0.01102
Exploits: 1 | References: 2

RedhatCVE
added 2025/02/07 9:13 a.m. | 13 views

CVE-2025-23419

A flaw was found in nginx. When name-based virtual hosts are configured to share the same IP address and port combination with TLS 1.3 and OpenSSL, a previously authenticated attacker can use session resumption to bypass client certificate authentication requirements on these servers. This...

CVSS 4.3 | AI score 4.7 | EPSS 0.02557
Exploits: 0 | References: 4

OSV
added 2025/02/07 7:15 a.m. | 32 views

BIT-NGINX-2025-23419 TLS Session Resumption Vulnerability

When multiple server blocks are configured to share the same IP address and port, an attacker can use session resumption to bypass client certificate authentication requirements on these servers. This vulnerability arises when TLS Session Tickets...

CVSS 5.3 | AI score 4.9 | EPSS 0.02557
Exploits: 0 | References: 4

OSV
added 2025/02/05 6:15 p.m. | 23 views

CVE-2025-23419

When multiple server blocks are configured to share the same IP address and port, an attacker can use session resumption to bypass client certificate authentication requirements on these servers. This vulnerability arises when TLS Session Tickets...

CVSS 5.3 | AI score 6.9
Exploits: 0 | References: 3

OSV
added 2025/02/05 6:15 p.m. | 6 views

UBUNTU-CVE-2025-23419

When multiple server blocks are configured to share the same IP address and port, an attacker can use session resumption to bypass client certificate authentication requirements on these servers. This vulnerability arises when TLS Session Tickets...

CVSS 5.3 | AI score 6.9 | EPSS 0.02557
Exploits: 0 | References: 5

Vulnrichment
added 2025/02/05 5:31 p.m. | 23 views

CVE-2025-23419 TLS Session Resumption Vulnerability

When multiple server blocks are configured to share the same IP address and port, an attacker can use session resumption to bypass client certificate authentication requirements on these servers. This vulnerability arises when TLS Session Tickets...

CVSS 5.3 | AI score 5 | EPSS 0.02557
Exploits: 0 | References: 1

Cvelist
added 2025/02/05 5:31 p.m. | 49 views

CVE-2025-23419 TLS Session Resumption Vulnerability

When multiple server blocks are configured to share the same IP address and port, an attacker can use session resumption to bypass client certificate authentication requirements on these servers. This vulnerability arises when TLS Session Tickets...

CVSS 5.3 | EPSS 0.02557
Exploits: 0 | References: 1

Nginx
added 2025/02/05 5:31 p.m. | 2090 views

SSL session reuse vulnerability

SSL session reuse vulnerability Severity: medium CVE-2025-23419 Not vulnerable: 1.27.4+, 1.26.3+ Vulnerable: 1.11.4-1.27.3...

CVSS 5.3 | AI score 7.1 | EPSS 0.02557
Exploits: 0 | References: 1 | Affected Software: 1

AlpineLinux
added 2025/02/05 5:31 p.m. | 21 views

CVE-2025-23419

When multiple server blocks are configured to share the same IP address and port, an attacker can use session resumption to bypass client certificate authentication requirements on these servers. This vulnerability arises when TLS Session Tickets...

CVSS 5.3 | AI score 7.4 | EPSS 0.02557
Exploits: 0 | References: 3

Debian CVE
added 2025/02/05 5:31 p.m. | 9 views

CVE-2025-23419

When multiple server blocks are configured to share the same IP address and port, an attacker can use session resumption to bypass client certificate authentication requirements on these servers. This vulnerability arises when TLS Session Tickets...

CVSS 5.3 | AI score 6.5 | EPSS 0.02557
Exploits: 0