CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

24 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2015-0812

Malware in sbrugna...

4.3CVSS9.2AI score0.00124EPSS

Exploits0References11

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2019-3398

Malware in sbrugna...

4.7CVSS7.3AI score0.00626EPSS

Exploits2References12

RedHat Linux•added 2025/01/13 10:52 a.m.•5 views

firefox: Alt-Svc ALPN validation failure when redirected

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: When using Alt-Svc, ALPN did not properly validate certificates when the original server is redirecting to an insecure site...

4CVSS7.3AI score0.0003EPSS

Exploits0References7

RedHat Linux•added 2025/01/09 12:13 p.m.•6 views

firefox: Alt-Svc ALPN validation failure when redirected

4CVSS7.3AI score0.0003EPSS

Exploits0References7

SUSE CVE•added 2023/02/15 5:22 a.m.•2 views

SUSE CVE-2015-0799

The HTTP Alternative Services feature in Mozilla Firefox before 37.0.1 allows man-in-the-middle attackers to bypass an intended X.509 certificate-verification step for an SSL server by specifying that server in the uri-host field of an Alt-Svc HTTP/2 response header...

4.3CVSS8.7AI score0.00124EPSS

Exploits0References6

SUSE CVE•added 2023/02/15 4:12 a.m.•2 views

SUSE CVE-2019-11728

The HTTP Alternative Services header, Alt-Svc, can be used by a malicious site to scan all TCP ports of any host that the accessible to a user when web content is loaded. This vulnerability affects Firefox 68...

4.7CVSS8AI score0.00626EPSS

Exploits2References12

CNNVD•added 2022/02/09 12:0 a.m.•2 views

swift-nio-http2 安全漏洞

swift-nio-http2 is a SwiftPM project that can be built and tested very easily. A security vulnerability exists in swift-nio-http2 that stems from the fact that programs using swift-nio-http2 are susceptible to denial-of-service attacks caused by network peers sending ALTSVC or ORIGIN frames...

7.5CVSS7.2AI score0.00432EPSS

Exploits0References3

OpenVAS•added 2021/11/11 12:0 a.m.•18 views

Mozilla Firefox Security Advisory (MFSA2015-44) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

4.3CVSS9.5AI score0.00124EPSS

Exploits0References3

Microsoft CVE•added 2021/06/06 12:0 a.m.•4 views

nghttp2 version >= 1.10.0 and nghttp2 <= v1.31.0 contains an Improper Input Validation CWE-20 vulnerability in ALTSVC frame handling that can result in segmentation fault leading to denial of service. This attack appears to be exploitable via network client. This vulnerability appears to have been fixed in >= 1.31.1.

...

7.5CVSS9.3AI score0.03388EPSS

Exploits0

NVD•added 2019/07/23 2:15 p.m.•20 views

CVE-2019-11728

4.7CVSS6AI score0.00626EPSS

Exploits2References7

Prion•added 2019/07/23 2:15 p.m.•17 views

Design/Logic Flaw

4.3CVSS5.7AI score0.00626EPSS

Exploits2References7Affected Software2

Debian CVE•added 2019/07/23 1:16 p.m.•29 views

CVE-2019-11728

4.7CVSS7.5AI score0.00626EPSS

Exploits2

RedhatCVE•added 2019/07/18 6:25 a.m.•27 views

CVE-2019-11728

4.7CVSS1AI score0.00626EPSS

Exploits2References4

UbuntuCve•added 2019/07/11 12:0 a.m.•33 views

CVE-2019-11728

4.7CVSS6.8AI score0.00626EPSS

Exploits2References3

Prion•added 2015/04/08 10:59 a.m.•14 views

Design/Logic Flaw

4.3CVSS6.8AI score0.00124EPSS

Exploits0References7Affected Software3

Cvelist•added 2015/04/08 10:0 a.m.•19 views

CVE-2015-0799

9.3AI score0.00124EPSS

Exploits0References7

CVE•added 2015/04/08 10:0 a.m.•135 views

CVE-2015-0799

Summary: Mozilla Firefox before 37.0.1 is affected by CVE-2015-0799 due to the HTTP Alt-Svc feature, which allows a man‑in‑the‑middle attacker to bypass X.509 certificate verification by directing the client to a chosen server via the uri-host in an Alt-Svc header. Impact: potential MITM disclosu...

4.3CVSS9.1AI score0.00124EPSS

Exploits0References7Affected Software1

Tenable Nessus•added 2015/04/08 12:0 a.m.•25 views

Ubuntu 14.04 LTS : Firefox vulnerability (USN-2557-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2557-1 advisory. Muneaki Nishimura discovered a flaw in Mozilla's HTTP Alternative Services implementation which meant SSL certificate verification could be bypassed in some...

4.3CVSS8.3AI score0.00124EPSS

Exploits0References2

ThreatPost•added 2015/04/07 10:27 a.m.•10 views

Vulnerability Forces Mozilla to Disable Opportunistic Encryption in Firefox

Less than a week after introducing the new opportunistic encryption feature in Firefox, Mozilla has had to disable it because of a security vulnerability in the browser’s implementation of the HTTP Alternative Services specification. The bug puts a kink in the new feature, which was designed to...

0.4AI score

Exploits0References3

Ubuntu•added 2015/04/07 10:3 a.m.•69 views

USN-2557-1: Firefox vulnerability

Muneaki Nishimura discovered a flaw in Mozilla's HTTP Alternative Services implementation which meant SSL certificate verification could be bypassed in some circumstances. A remote attacker could potentially exploit this to conduct a machine-in-the-middle attack. CVE-2015-0799...

4.3CVSS8.4AI score0.00124EPSS

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by