
105 matches found

Nuclei
added 9 hours ago, 16 views

FortiOS - Insecure LDAP Configuration Detection

The FortiGate LDAP configuration was detected to be insecure due to missing ca-cert, secure LDAPS, or server-identity-check, potentially exposing LDAP communications to credential interception or man-in-the-middle attacks under specific network conditions. id: CVE-2019-5591 info: name: FortiOS -...

CVSS 6.5, AI score 7.1, EPSS 0.50553
Exploits 1, References 2

Hacker One
added 2026/03/31 10:47 p.m., 8 views

curl: Missing server identity policy enforcement in SSH connection reuse allows host key verification bypass via pool poisoning

Missing server identity policy enforcement in SSH connection reuse allows host key verification bypass via pool poisoning --- Summary sshconfigmatches in lib/url.c decides whether an existing SSH connection can be reused by a new transfer handle. It checks client key paths rsa, rsapub but never...

CVSS 7.7, AI score 7.2, EPSS 0.00469
Exploits 2

CVE
added 2026/02/13 12:22 a.m., 8 views

CVE-2025-9293

The CVE-2025-9293 entry describes a vulnerability in TLS certificate validation across multiple mobile applications. Root cause: insufficient validation of server identities during TLS, enabling an attacker in a privileged network position to intercept or modify traffic. Impact includes confident...

CVSS 8.1, AI score 5.6, EPSS 0.00014
Exploits 0, References 2, Affected Software 14

NVD
added 2026/02/09 6:16 a.m., 2 views

CVE-2026-22613

The server identity check mechanism for firmware upgrade performed via command shell is insecurely implemented potentially allowing an attacker to perform a Man-in-the-middle attack. This security issue has been fixed in the latest firmware version of Eaton Network M3 which is available on the...

CVSS 5.7, EPSS 0.00037
Exploits 0, References 1

CVE
added 2026/02/09 5:39 a.m., 8 views

CVE-2026-22613

The CVE-2026-22613 entry pertains to Eaton Network M3 firmware upgrades via command shell, where the server identity check during upgrade is insecure, enabling potential MITM. Affected component: firmware upgrade mechanism; root cause: insecure server identity verification in upgrade flow. Impact...

CVSS 5.7, AI score 5.4, EPSS 0.00037
Exploits 0, References 1

Cvelist
added 2026/02/09 5:39 a.m., 23 views

CVE-2026-22613

The server identity check mechanism for firmware upgrade performed via command shell is insecurely implemented potentially allowing an attacker to perform a Man-in-the-middle attack. This security issue has been fixed in the latest firmware version of Eaton Network M3 which is available on the...

CVSS 5.7, EPSS 0.00037
Exploits 0, References 1

Positive Technologies
added 2026/02/09 12:0 a.m., 5 views

PT-2026-7071

The server identity check mechanism for firmware upgrade performed via command shell is insecurely implemented potentially allowing an attacker to perform a Man-in-the-middle attack. This security issue has been fixed in the latest firmware version of Eaton Network M3 which is available on the...

CVSS 5.7, AI score 5.5, EPSS 0.00037
Exploits 0, References 2

CNNVD
added 2026/02/09 12:0 a.m., 2 views

Eaton Network M3 Security Vulnerability

Eaton Network M3 is a security network interface card developed by the American company Eaton. There is a security vulnerability in Eaton Network M3, which stems from the insecure mechanism for server identity checks executed through command shells during firmware updates. This vulnerability may...

CVSS 5.7, AI score 5.8, EPSS 0.00037
Exploits 0, References 1

OSV
added 2026/01/12 1:21 p.m., 2 views

CLSA-2026-1768224107 perl: Fix of CVE-2023-31484

CVE-2023-31484: add verifySSL=1 to HTTP::Tiny to verify https server identity...

CVSS 8.1, AI score 7.1, EPSS 0.01523
Exploits 1, References 1

OSV
added 2026/01/12 1:16 p.m., 3 views

CLSA-2026-1768223815 perl: Fix of CVE-2023-31484

CVE-2023-31484: add verifySSL=1 to HTTP::Tiny to verify https server identity...

CVSS 8.1, AI score 5.8, EPSS 0.01523
Exploits 1, References 1

EUVD
added 2025/10/07 12:30 a.m., 1 views

EUVD-2018-17311

Malware in sbrugna...

CVSS 8.1, AI score 8.1, EPSS 0.00794
Exploits 0, References 2

EUVD
added 2025/10/07 12:30 a.m., 1 views

EUVD-2017-15208

Malware in sbrugna...

CVSS 5.8, AI score 5.5, EPSS 0.00111
Exploits 0, References 2

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2012-5516

Malware in sbrugna...

CVSS 8.8, AI score 8.6, EPSS 0.0051
Exploits 0, References 5

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2021-2501

Malware in sbrugna...

CVSS 7.4, AI score 7.3, EPSS 0.00185
Exploits 0, References 7

EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2023-0759

Malicious code in bioql PyPI...

CVSS 7.5, AI score 7.4, EPSS 0.00155
Exploits 0, References 12

EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2025-23851

Malicious code in bioql PyPI...

CVSS 5.7, AI score 6.6, EPSS 0.00169
Exploits 0, References 1

Tenable Nessus
added 2025/08/27 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2022-4492

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The undertow client is not checking the server identity presented by the server certificate in https connections. This is a compulsory step at least it should b...

CVSS 7.5, AI score 7.1, EPSS 0.00155
Exploits 0, References 2

RedhatCVE
added 2025/08/08 4:7 p.m., 9 views

CVE-2025-48393

The server identity check mechanism for firmware upgrade performed via command shell is insecurely implemented potentially allowing an attacker to perform a Man-in-the-middle attack. This security issue has been fixed in the latest version which is available on the Eaton download center...

CVSS 5.7, AI score 6.6, EPSS 0.00169
Exploits 0, References 1

NVD
added 2025/08/06 4:15 p.m., 3 views

CVE-2025-48393

The server identity check mechanism for firmware upgrade performed via command shell is insecurely implemented potentially allowing an attacker to perform a Man-in-the-middle attack. This security issue has been fixed in the latest firmware version of Eaton G4 PDU which is available on the Eaton...

CVSS 5.7, EPSS 0.00169
Exploits 0, References 1

Vulnrichment
added 2025/08/06 3:25 p.m., 4 views

CVE-2025-48393

The server identity check mechanism for firmware upgrade performed via command shell is insecurely implemented potentially allowing an attacker to perform a Man-in-the-middle attack. This security issue has been fixed in the latest firmware version of Eaton G4 PDU which is available on the Eaton...

CVSS 5.7, AI score 5.4, EPSS 0.00169
Exploits 0, References 1