Lucene search
K

8936 matches found

RedhatCVE
RedhatCVE
added yesterday2 views

CVE-2026-8286

A flaw was found in curl. When a new data transfer attempts to upgrade its connection using STARTTLS, it may incorrectly reuse an existing live connection. This reuse can occur even if the Transport Layer Security TLS configuration of the new transfer does not match the existing connection,...

8.1CVSS5.8AI score0.00196EPSS
Exploits0References6
NVD
NVD
added yesterday5 views

CVE-2026-13698

A memory leak in OpenVPN version 2.5.0 through 2.5.11, 2.6.0 through 2.6.20 and 2.7alpha1 through 2.7.4 allows remote attackers with a valid tls-crypt-v2 client key to potentially cause a denial of service...

6CVSS
Exploits0References1
RedhatCVE
RedhatCVE
added yesterday3 views

CVE-2026-50014

A flaw was found in pnpm, a package manager. An attacker could exploit this vulnerability by providing a malicious lockfile, which could lead to arbitrary code execution. This occurs because pnpm incorrectly processes git dependency information, allowing a crafted input to execute unauthorized...

7.3CVSS6.2AI score0.0018EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added yesterday7 views

crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security TLS session resumption when certificate authority CA settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing ...

10CVSS6.8AI score0.00765EPSS
Exploits1References8
EUVD
EUVD
added yesterday4 views

EUVD-2026-41832

Improper Input Validation, Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Camel Mail Component. The camel-mail producer MailProducer.getSender scanned the outgoing Exchange for message headers in the mail.smtp. / mail.smtps. namespace and, when any were present...

3.7CVSS6AI score0.0016EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added yesterday4 views

CVE-2026-46584

Improper Input Validation, Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Camel Mail Component. The camel-mail producer MailProducer.getSender scanned the outgoing Exchange for message headers in the mail.smtp. / mail.smtps. namespace and, when any were present...

6AI score0.0016EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added yesterday7 views

net-imap: ruby: Net::IMAP: Information disclosure via man-in-the-middle attack bypassing TLS

A flaw was found in the Ruby net-imap library. When upgrading a cleartext IMAP connection to TLS using the Net::IMAPstarttls method, the library improperly handles certain responses received during STARTTLS negotiation. A man-in-the-middle MITM attacker can inject a predicted tagged OK response...

7.6CVSS5.8AI score0.00324EPSS
Exploits0References12
RedHat Linux
RedHat Linux
added yesterday6 views

nodejs: Node.js: Certification validation bypass in TLS host verification

A flaw was found in Node.js. An attacker can exploit a vulnerability in the Transport Layer Security TLS host verification process to bypass certification validation. This bypass could allow an attacker to intercept or alter communications, potentially leading to information disclosure or integri...

4.3CVSS5.9AI score0.00258EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added yesterday6 views

nodejs: Node.js: Silent authority rebinding due to embedded-nul hostnames in TLS handling

A flaw was found in Node.js. This vulnerability in the TLS Transport Layer Security hostname handling allows embedded null characters in hostnames. This can lead to silent authority rebinding, potentially enabling an attacker to redirect network traffic to an unintended server and disclose...

9.8CVSS5.8AI score0.00405EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added yesterday4 views

nodejs: Node.js: Certification validation bypass in TLS host verification

A flaw was found in Node.js. An attacker can exploit a vulnerability in the Transport Layer Security TLS host verification process to bypass certification validation. This bypass could allow an attacker to intercept or alter communications, potentially leading to information disclosure or integri...

4.3CVSS6.3AI score0.00258EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added yesterday6 views

nodejs: Node.js: Silent authority rebinding due to embedded-nul hostnames in TLS handling

A flaw was found in Node.js. This vulnerability in the TLS Transport Layer Security hostname handling allows embedded null characters in hostnames. This can lead to silent authority rebinding, potentially enabling an attacker to redirect network traffic to an unintended server and disclose...

9.8CVSS6.4AI score0.00405EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added yesterday5 views

nodejs: Node.js: Authentication bypass due to TLS hostname handling and unicode dot separator mismatch

A flaw was found in Node.js. This flaw involves a mismatch in how Node.js handles TLS Transport Layer Security hostnames and unicode dot separators during authentication. This mismatch can lead to a wildcard-depth authentication bypass. An attacker could exploit this to bypass intended security...

7.7CVSS7AI score0.00674EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added yesterday6 views

Node.js: Node.js: Trust-policy bypass due to hostname matching inconsistency

A flaw was found in Node.js. An inconsistency in how Node.js matches hostnames can be exploited by a remote attacker in multi-context mTLS mutual Transport Layer Security setups. This vulnerability allows for a trust-policy bypass, potentially leading to unauthorized access to sensitive informati...

5.4CVSS6.3AI score0.00256EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added yesterday4 views

net-imap: ruby: Net::IMAP: Information disclosure via man-in-the-middle attack bypassing TLS

A flaw was found in the Ruby net-imap library. When upgrading a cleartext IMAP connection to TLS using the Net::IMAPstarttls method, the library improperly handles certain responses received during STARTTLS negotiation. A man-in-the-middle MITM attacker can inject a predicted tagged OK response...

7.6CVSS5.8AI score0.00324EPSS
Exploits0References12
Nuclei
Nuclei
added yesterday17 views

Apache ActiveMQ - Remote Code Execution via HTTP Discovery Transport Bypass

Apache ActiveMQ before 5.19.6 and 6.0.0 through 6.2.4 is vulnerable to remote code execution via a bypass of the CVE-2026-34197 security fix. The original fix blocked the "vm://" transport scheme in BrokerView.addNetworkConnector and BrokerView.addConnector to prevent authenticated attackers from...

8.8CVSS7.7AI score0.96666EPSS
Exploits13References4
EUVD
EUVD
added 3 days ago7 views

EUVD-2025-210419

picklescan before 0.0.30 fails to detect the asyncio.unixevents.UnixSubprocessTransport.start function in pickle reduce methods, allowing remote code execution. Attackers can craft malicious pickle files embedding this built-in function that evade detection but execute arbitrary commands when...

8.1CVSS6.5AI score0.00555EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 3 days ago3 views

CVE-2025-71364

picklescan before 0.0.30 fails to detect the asyncio.unixevents.UnixSubprocessTransport.start function in pickle reduce methods, allowing remote code execution. Attackers can craft malicious pickle files embedding this built-in function that evade detection but execute arbitrary commands when...

8.1CVSS6.5AI score0.00555EPSS
Exploits0References3
CVE
CVE
added 3 days ago13 views

CVE-2025-71364

CVE-2025-71364 affects picklescan prior to 0.0.30, which fails to detect the builtin function asyncio.unix_events._UnixSubprocessTransport._start inside pickle reduce methods. This allows an attacker to craft malicious pickle payloads that evade detection and execute arbitrary commands upon loadi...

8.1CVSS6.5AI score0.00555EPSS
Exploits0References2
NVD
NVD
added 4 days ago3 views

CVE-2026-26292

Gitea versions before 1.25.5 do not use the migration HTTP transport for LFS push and sync mirror operations, bypassing the configured migration transport protections for those LFS requests...

0.00174EPSS
Exploits0References4
EUVD
EUVD
added 4 days ago4 views

EUVD-2026-41630

Gitea versions before 1.25.5 do not use the migration HTTP transport for LFS push and sync mirror operations, bypassing the configured migration transport protections for those LFS requests...

5.9AI score0.00174EPSS
Exploits0References4
Rows per page
Query Builder