Lucene search
K

5 matches found

Cvelist
Cvelist
added 2 days ago30 views

CVE-2026-54776 CoreWCF: Unix Domain Socket PosixIdentity transport accepts connections that skip the security upgrade

CoreWCF is a port of the service side of Windows Communication Foundation WCF to .NET Core. Prior to 1.8.1 and 1.9.1, a CoreWCF service hosted on Unix Domain Sockets with PosixIdentity client credentials can accept connections that skip the application/unixposix stream upgrade before dispatching...

4.4CVSS0.00109EPSS
Exploits0References6
OSV
OSV
added 2026/06/19 8:46 p.m.5 views

GHSA-WJPQ-6766-7F5J CoreWCF: Unix Domain Socket PosixIdentity transport accepts connections that skip the security upgrade

Impact A CoreWCF service hosted on Unix Domain Sockets with the PosixIdentity client credential type UnixDomainSocketBinding with Security.Mode = TransportCredentialOnly and Security.Transport.ClientCredentialType = PosixIdentity does not require the client to perform the application/unixposix...

4.4CVSS5.8AI score0.00109EPSS
Exploits0References2
GitLab Advisory Database
GitLab Advisory Database
added 2026/03/12 12:0 a.m.8 views

AdGuard Home: HTTP/2 Cleartext (h2c) Upgrade Authentication Bypass

An unauthenticated remote attacker can bypass all authentication in AdGuardHome by sending an HTTP/1.1 request that requests an upgrade to HTTP/2 cleartext h2c. Once the upgrade is accepted, the resulting HTTP/2 connection is handled by the inner mux, which has no authentication middleware...

9.8CVSS5.9AI score0.00735EPSS
Exploits2References4Affected Software1
OSV
OSV
added 2021/09/29 8:15 p.m.1 views

DEBIAN-CVE-2021-22946

A user can tell curl = 7.20.0 and = 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server --ssl-reqd on the command line orCURLOPTUSESSL set to CURLUSESSLCONTROL or CURLUSESSLALL withlibcurl. This requirement could be bypassed if the server would return a...

7.5CVSS6.4AI score0.04224EPSS
Exploits1References1
Prion
Prion
added 2017/04/02 8:59 p.m.11 views

Design/Logic Flaw

Huawei Campus S7700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300; S9300 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300; S9700 with software V200R001C00SPC300, V200R002C00SPC100, V200R003C00SPC300 allow unauthorized users to upgrade the bootrom or...

7.5CVSS7AI score0.01019EPSS
Exploits0References1Affected Software3
Rows per page
Query Builder