CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

15 matches found

Tenable Nessus•added 2026/01/14 12:0 a.m.•4 views

MiracleLinux 4 : openssl-1.0.0-20.AXS4.1 (AXSA:2012-76:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-76:02 advisory. The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries...

5CVSS8AI score0.16645EPSS

Exploits0References5

Vulnrichment•added 2025/12/13 4:31 a.m.•4 views

CVE-2025-11707 Login Lockdown & Protection <= 2.14 - IP Block Bypass

The Login Lockdown & Protection plugin for WordPress is vulnerable to IP Block Bypass in all versions up to, and including, 2.14. This is due to $unblockkey key being insufficiently random allowing unauthenticated users, with access to an administrative user email, to generate valid unblock keys...

5.3CVSS5.7AI score0.00401EPSS

Exploits0References3

Positive Technologies•added 2025/10/31 12:0 a.m.•4 views

PT-2025-44591

Name of the Vulnerable Software and Affected Versions OOPSpam Anti-Spam plugin for WordPress versions through 1.2.53 Description The OOPSpam Anti-Spam plugin for WordPress is susceptible to IP Header Spoofing. The plugin improperly trusts client-controlled forwarded headers, such as...

5.3CVSS6.5AI score0.00283EPSS

Exploits0References7

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2011-4503

Malware in sbrugna...

4.3CVSS8.5AI score0.09331EPSS

Exploits0References18

BDU FSTEC•added 2023/08/29 12:0 a.m.•4 views

The vulnerability of the urllib.parse library component in the Python programming language allows attackers to circumvent URL blocking measures.

The vulnerability of the urllib.parse language interpreter component in Python is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to bypass URL blockings that start with empty characters...

7.8CVSS7.1AI score0.20459EPSS

Exploits3References37Affected Software7

SUSE CVE•added 2023/02/15 5:49 a.m.•2 views

SUSE CVE-2011-4577

OpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is enabled, allows remote attackers to cause a denial of service assertion failure via an X.509 certificate containing certificate-extension data associated with 1 IP address blocks or 2 Autonomous System AS identifiers...

4.3CVSS8.5AI score0.09331EPSS

Exploits0References8

Schneier on Security•added 2019/10/17 11:8 a.m.•49 views

Using Machine Learning to Detect IP Hijacking

This is interesting research: In a BGP hijack, a malicious actor convinces nearby networks that the best path to reach a specific IP address is through their network. That's unfortunately not very hard to do, since BGP itself doesn't have any security procedures for validating that a message is...

1.5AI score

Exploits0

OSV•added 2017/11/16 7:29 a.m.•2 views

CVE-2017-12299

A vulnerability exists in the process of creating default IP blocks during device initialization for Cisco ASA Next-Generation Firewall Services that could allow an unauthenticated, remote attacker to send traffic to the local IP address of the device, bypassing any filters that are configured to...

5.3CVSS5.8AI score0.01163EPSS

Exploits0References2