Lucene search
K

38 matches found

CNNVD
CNNVD
added 2026/04/28 12:0 a.m.9 views

DeskTime Time Tracking App 信任管理问题漏洞

DeskTime Time Tracking App is a time tracking and efficiency analysis tool developed by DeskTime Inc. Versions of the DeskTime Time Tracking App prior to 1.3.674 contained a trust management vulnerability. This vulnerability stemmed from improper TLS certificate verification, which could allow...

4.8CVSS6.2AI score0.00179EPSS
Exploits2References2
ATTACKERKB
ATTACKERKB
added 2026/04/09 5:22 p.m.3 views

CVE-2026-40069

BSV Ruby SDK is the Ruby SDK for the BSV blockchain. From 0.1.0 to before 0.8.2, BSV::Network::ARC's failure detection only recognises REJECTED and DOUBLESPENDATTEMPTED. ARC responses with txStatus values of INVALID, MALFORMED, MINEDINSTALEBLOCK, or any ORPHAN-containing extraInfo / txStatus are...

7.5CVSS5.9AI score0.00266EPSS
Exploits0References6Affected Software1
CNNVD
CNNVD
added 2026/04/07 12:0 a.m.8 views

Red Hat rhacm2 信任管理问题漏洞

Red Hat rhacm2 is a library of the American company Red Hat. Red Hat rhacm2 has a trust management vulnerability, which stems from improper validation of Kubernetes client certificate renewal. This vulnerability could allow administrators of managed clusters to forge client certificates that are...

8.2CVSS5.8AI score0.00112EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/03/28 12:0 a.m.6 views

OpenUI 信任管理问题漏洞

OpenUI is an open-source UI program developed byWeights & Biases. Versions of OpenUI 1.0 and earlier had a trust management vulnerability, which was caused by incorrect handling of the parameter LITELLMMASTERKEY, resulting in hardcoded credentials...

4.8CVSS5.8AI score0.00144EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/03/24 12:0 a.m.8 views

mod_gnutls 信任管理问题漏洞

modgnutls is a GnuTLS-based TLS module for Apache HTTPD developed by Airtower developers. Versions of modgnutls prior to 0.13.0 had a trust management vulnerability. This vulnerability stemmed from the lack of checking extended key usages during client certificate verification, which could lead t...

6.8CVSS5.8AI score0.00205EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/09/02 12:0 a.m.2 views

SunPower PVS6 信任管理问题漏洞

The SunPower PVS6 is a data monitoring and communication gateway for solar photovoltaic systems from SunPower, Inc. A trust management issue vulnerability exists in the SunPower PVS6 that stems from the use of hard-coded encryption parameters and disclosure of protocol details, which could result...

9.4CVSS6.6AI score0.00164EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/08/06 12:0 a.m.3 views

Cisco Webex Meetings 信任管理问题漏洞

Cisco Webex Meetings is a video conferencing solution from Cisco. A trust management issue vulnerability exists in Cisco Webex Meetings, which stems from a client-side certificate validation issue that could result in an unauthorized user joining a meeting...

5.4CVSS6.7AI score0.00099EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/06/10 12:0 a.m.5 views

Fortinet FortiClientWindows 安全漏洞

Fortinet FortiClientWindows is a Windows-based mobile endpoint security solution from Fortinet. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance and two-factor authentication when connected to a FortiGate firewall appliance. A trust management issue...

6.5CVSS6.9AI score0.00141EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/12/03 12:0 a.m.3 views

Dell NetWorker Management Console 安全漏洞

Dell NetWorker Management Console is a backup and recovery software from Dell USA. A trust management issue vulnerability exists in Dell NetWorker Management Console version 19.11, which stems from the presence of improper cryptographic signature validation, and can be exploited by an attacker to...

7.8CVSS7.3AI score0.00126EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/13 12:0 a.m.3 views

Progress Telerik Report Server 信任管理问题漏洞

Progress Telerik Report Server is an enterprise-class report management and distribution solution from Progress, Inc. A trust management issue vulnerability exists in versions of Progress Telerik Report Server prior to 2024 Q4, which stems from an older algorithm used to encrypt local asset data,...

7.1CVSS6.4AI score0.00106EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/10/18 12:0 a.m.3 views

Bitdefender Total Security 信任管理问题漏洞

Bitdefender Total Security is a proactive threat protection software for PCs from the Romanian company Bitdefender. The software features antivirus, firewall, anti-spyware, privacy control, and parental control. It also includes features such as System TuneUp. A trust management issue vulnerabili...

8.6CVSS6.5AI score0.00209EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/09/04 12:0 a.m.12 views

Cisco Smart Licensing Utility 信任管理问题漏洞

Cisco Smart Licensing Utility CSLU is a Cisco application that allows customers to manage licenses and associated product instances from their local location. A trust management issue vulnerability exists in Cisco Smart Licensing Utility that stems from an undocumented static administrator...

9.8CVSS9AI score0.9201EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/08/20 12:0 a.m.5 views

Red Hat OpenStack Platform 信任管理问题漏洞

Red Hat OpenStack Platform is a cloud computing management platform from Red Hat USA. Red Hat OpenStack Platform suffers from a trust management issue vulnerability that originates from allowing an attacker to deploy potentially compromised container images by disabling TLS certificate validation...

8.1CVSS7.7AI score0.00392EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/06/13 12:0 a.m.4 views

Motorola Solutions Vigilant Fixed LPR Coms Box Trust Management Issues Vulnerability

Motorola Solutions Vigilant Fixed LPR Coms Box is a license plate recognition system from Motorola Solutions USA. The Motorola Solutions Vigilant Fixed LPR Coms Box suffers from a trust management issue vulnerability that stems from an attacker being able to access the maintenance console using...

9.8CVSS6.8AI score0.00388EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/02/20 12:0 a.m.6 views

Apache DolphinScheduler Trust Management Issue Vulnerability

Apache DolphinScheduler is a distributed DAG visualization-based workflow task scheduling system from the Apache Foundation. A trust management issue vulnerability exists in Apache DolphinScheduler versions prior to 3.2.0, which stems from the HttpUtils class not validating credentials, and thus...

7.3CVSS6.7AI score0.00704EPSS
Exploits0References4
Prion
Prion
added 2024/02/17 5:15 a.m.18 views

Authentication flaw

All versions of the package github.com/greenpau/caddy-security are vulnerable to Authentication Bypass by Spoofing via the X-Forwarded-For header due to improper input sanitization. An attacker can spoof an IP address used in the user identity module /whoami API endpoint. This could lead to...

5.8CVSS7AI score0.00523EPSS
Exploits0References3
OSV
OSV
added 2023/04/04 1:15 p.m.2 views

UBUNTU-CVE-2023-29000

The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server. Starting with version 3.0.0 and prior to version 3.7.0, by trusting that the server will return a certificate that belongs to the keypair of the user, a malicious server could get the desktop client to encrypt file...

6.5CVSS6.6AI score0.00388EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/01/11 12:0 a.m.4 views

PT-2023-16014 · Red Hat · Keycloak

Name of the Vulnerable Software and Affected Versions: Keycloak affected versions not specified Description: A flaw in Keycloak allows impersonation and lockout due to incorrect handling of email trust. This issue enables an attacker to shadow other users with the same email, potentially leading ...

6.5CVSS6AI score0.007EPSS
Exploits0References9
CNNVD
CNNVD
added 2022/11/23 12:0 a.m.4 views

Botan 信任管理问题漏洞

Botan is a library of cryptographic algorithms written in C++. It supports a variety of algorithms such as AES, DES, SHA-1, RSA, DSA and Diffie-Hellman. A security vulnerability exists in Botan versions 1.11.34 and later up to 2.19.3, which stems from a certificate validation error and can be...

9.1CVSS6.8AI score0.00415EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/11/02 12:0 a.m.4 views

Fortinet FortiSIEM 信任管理问题漏洞

Fortinet FortiSIEM is a suite of security information and event management systems from the American company Fiat Fortinet. The system includes features such as asset discovery, workflow automation, and unified management. A trust management issue vulnerability exists in Fortinet FortiSIEM versio...

7.8CVSS7.4AI score0.00195EPSS
Exploits0References2
Rows per page
Query Builder