Lucene search
K

31 matches found

NVD
NVD
added 2026/06/22 6:16 p.m.10 views

CVE-2026-54275

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, the serverhostname TLS SNI check can be bypassed when an existing connection is reused. If an application makes multiple requests to the same domain, but with different per-request serverhostname...

7.5CVSS0.00266EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/20 12:0 a.m.8 views

PT-2026-26601

Name of the Vulnerable Software and Affected Versions Traefik versions 2.11.40 and below Traefik versions 3.0.0-beta1 through 3.6.11 Traefik version 3.7.0-ea.1 Description Traefik, an HTTP reverse proxy and load balancer, is susceptible to a mutual TLS mTLS bypass. This occurs due to a flaw in th...

7.8CVSS5.8AI score0.00463EPSS
Exploits1References14
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-12713

Malware in sbrugna...

9.1CVSS9AI score0.01281EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-6591

Malware in sbrugna...

5.9CVSS6.7AI score0.02643EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.4 views

Unity Linux 20.1070e Security Update: httpd (UTSA-2025-987457)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987457 advisory. Insufficient escaping of user-supplied data in modssl in Apache HTTP Server 2.4.63 and earlier allows an untrusted SSL/TLS client to insert escape characters into lo...

7.5CVSS7.2AI score0.00669EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-26055

Malicious code in bioql PyPI...

4.1CVSS4.8AI score0.00176EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2025/09/08 7:4 p.m.2 views

httpd: insufficient escaping of user-supplied data in mod_ssl

A vulnerability was found in the Apache HTTP Server. Insufficient escaping of user-supplied data in modssl allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations. In a logging configuration where CustomLog is used with "%varnamex" or "%varnamec" to...

7.5CVSS5.8AI score0.00669EPSS
Exploits0References5
OSV
OSV
added 2025/07/10 5:15 p.m.7 views

AZL-65172 CVE-2024-47252 affecting package httpd for versions less than 2.4.64-1

Insufficient escaping of user-supplied data in modssl in Apache HTTP Server 2.4.63 and earlier allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations. In a logging configuration where CustomLog is used with "%varnamex" or "%varnamec" to log variables...

7.5CVSS7.1AI score0.00669EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:55 p.m.9 views

CVE-2020-1887

Incorrect validation of the TLS SNI hostname in osquery versions after 2.9.0 and before 4.2.0 could allow an attacker to MITM osquery traffic in the absence of a configured root chain of trust...

9.1CVSS6.9AI score0.01281EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/07/25 7:26 p.m.6 views

io.vertx:vertx-core: memory leak when a TCP server is configured with TLS and SNI support

A vulnerability in the Eclipse Vert.x toolkit causes a memory leak in TCP servers configured with TLS and SNI support. When processing an unknown SNI server name assigned the default certificate instead of a mapped certificate, the SSL context is erroneously cached in the server name map, leading...

5.4CVSS7.1AI score0.01055EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/04/18 12:0 a.m.4 views

PT-2024-3092 · Envoy +1 · Envoy +1

Name of the Vulnerable Software and Affected Versions: Envoy versions prior to 1.27.5 Envoy versions prior to 1.28.3 Envoy versions prior to 1.29.4 Envoy versions prior to 1.30.1 Description: The issue arises when an upstream TLS cluster is used with auto sni enabled and a request contains a...

7.8CVSS6.9AI score0.00679EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2024/04/09 6:41 a.m.2 views

io.vertx:vertx-core: memory leak when a TCP server is configured with TLS and SNI support

A vulnerability in the Eclipse Vert.x toolkit causes a memory leak in TCP servers configured with TLS and SNI support. When processing an unknown SNI server name assigned the default certificate instead of a mapped certificate, the SSL context is erroneously cached in the server name map, leading...

5.4CVSS7.1AI score0.01055EPSS
Exploits0References5
OSV
OSV
added 2024/04/02 9:30 a.m.10 views

GHSA-9PH3-V2VH-3QX7 Eclipse Vert.x vulnerable to a memory leak in TCP servers

A vulnerability in the Eclipse Vert.x toolkit causes a memory leak in TCP servers configured with TLS and SNI support. When processing an unknown SNI server name assigned the default certificate instead of a mapped certificate, the SSL context is erroneously cached in the server name map, leading...

5.4CVSS7AI score0.01055EPSS
Exploits0References18
Positive Technologies
Positive Technologies
added 2024/02/06 12:0 a.m.4 views

PT-2024-7970 · Eclipse · Eclipse Vert.X

Name of the Vulnerable Software and Affected Versions: Eclipse Vert.x affected versions not specified Description: A vulnerability in the Eclipse Vert.x toolkit causes a memory leak in TCP servers configured with TLS and SNI support. When processing an unknown SNI server name, the default...

5.5CVSS7.6AI score0.01055EPSS
Exploits0References29
Positive Technologies
Positive Technologies
added 2022/04/20 12:0 a.m.8 views

PT-2022-2551 · Cisco · Cisco Umbrella Secure Web Gateway

Name of the Vulnerable Software and Affected Versions: Cisco Umbrella Secure Web Gateway SWG affected versions not specified Description: A vulnerability in the automatic decryption process could allow an authenticated, adjacent attacker to bypass the SSL decryption and content filtering policies...

4.1CVSS3.9AI score0.00176EPSS
Exploits0References5
OSV
OSV
added 2020/09/22 4:22 p.m.5 views

OPENSUSE-SU-2020:1505-1 Security update for libetpan

This update for libetpan fixes the following issues: Update to 1.9.4 boo1174579, CVE-2020-15953: Bugfixes on QUOTA Varios warning fixes & build fixes Update to version 1.9.3 Added IMAP CLIENTID / SMTP CLIENTID support Use Cyrus SASL 2.1.27 Update to version 1.9.2 Support of TLS SNI LMDB for cache...

7.4CVSS7.5AI score0.02393EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2020/09/21 12:0 a.m.22 views

openSUSE Security Update : libetpan (openSUSE-2020-1454)

This update for libetpan fixes the following issues : Update to 1.9.4 boo1174579, CVE-2020-15953 : - Bugfixes on QUOTA - Varios warning fixes & build fixes Update to version 1.9.3 - Added IMAP CLIENTID / SMTP CLIENTID support - Use Cyrus SASL 2.1.27 Update to version 1.9.2 - Support of TLS SNI -...

7.4CVSS7.7AI score0.02393EPSS
Exploits1References2
OSV
OSV
added 2020/09/19 12:20 p.m.7 views

OPENSUSE-SU-2020:1454-1 Security update for libetpan

This update for libetpan fixes the following issues: Update to 1.9.4 boo1174579, CVE-2020-15953: Bugfixes on QUOTA Varios warning fixes & build fixes Update to version 1.9.3 Added IMAP CLIENTID / SMTP CLIENTID support Use Cyrus SASL 2.1.27 Update to version 1.9.2 Support of TLS SNI LMDB for cache...

7.4CVSS7.5AI score0.02393EPSS
Exploits1References3
OPENSUSE Linux
OPENSUSE Linux
added 2020/09/19 12:0 a.m.47 views

Security update for libetpan (moderate)

openSUSE Security Update: Security update for libetpan Announcement ID: openSUSE-SU-2020:1454-1 Rating: moderate References: 1174579 Cross-References: CVE-2020-15953 Affected Products: openSUSE Leap 15.2 An update that fixes one vulnerability is now available. Description: This update for libetpa...

7.4CVSS7.5AI score0.02393EPSS
Exploits1References1
CNVD
CNVD
added 2020/03/13 12:0 a.m.6 views

Facebook osquery trust management issue vulnerability

Facebook osquery is a SQL-based, open-source operating system detection and monitoring framework from Facebook Inc. in the United States. A trust management issue vulnerability exists in Facebook osquery versions 2.9.0 through 4.2.0 excluding versions 2.9.0 and 4.2.0, which stems from the program...

9.1CVSS6.9AI score0.01281EPSS
Exploits0References1
Rows per page
Query Builder