Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

EUVD
EUVDadded 3 days ago4 views

EUVD-2026-39185

When a provide-xfr is given with a tls-auth-name, a secondary requesting a transfer should provide a client certificate with that name. However, no client certificate is needed when the request comes in over TLS over the regular tls-port and not the tls-auth-port or over over TCP over the regular...

8.2CVSS5.8AI score0.00139EPSS
Exploits0References2
NVD
NVDadded 3 days ago8 views

CVE-2026-12490

When a provide-xfr is given with a tls-auth-name, a secondary requesting a transfer should provide a client certificate with that name. However, no client certificate is needed when the request comes in over TLS over the regular tls-port and not the tls-auth-port or over over TCP over the regular...

8.2CVSS0.00139EPSS
Exploits0References1
CVE
CVEadded 3 days ago9 views

CVE-2026-12490

CVE-2026-12490 describes a bypass of client certificate verification during transfers when a provide-xfr rule uses a tls-auth-name. A secondary transfer may require a client certificate with that name, but no certificate is needed if the request is over TLS on the regular tls-port (not tls-auth-p...

8.2CVSS5.8AI score0.00139EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVEadded 3 days ago4 views

CVE-2026-12490

When a provide-xfr is given with a tls-auth-name, a secondary requesting a transfer should provide a client certificate with that name. However, no client certificate is needed when the request comes in over TLS over the regular tls-port and not the tls-auth-port or over over TCP over the regular...

8.2CVSS5.8AI score0.00139EPSS
Exploits0
CNVD
CNVDadded 2022/03/22 12:0 a.m.19 views

MISP Cross-Site Scripting Vulnerability (CNVD-2022-83622)

MISP is a software solution. The product is used to collect, store, distribute, and share network security metrics, and has features such as threat network security event analysis and malware analysis. cross-site scripting vulnerabilities exist in versions of MISP prior to 2.4.156, which stem fro...

3.5CVSS5AI score0.00458EPSS
Exploits0Affected Software1
ATTACKERKB
ATTACKERKBadded 2022/03/18 6:15 p.m.1 views

CVE-2022-27244

An issue was discovered in MISP before 2.4.156. A malicious site administrator could store an XSS payload in the custom auth name. This would be executed each time the administrator modifies a user...

4.8CVSS5.7AI score0.00458EPSS
Exploits0References2
seebug.org
seebug.orgadded 2014/07/01 12:0 a.m.24 views

Aastra IP Phone 9480i Web Interface Data disclosure Vulnerability

No description provided by source. / / / / / // | / // \ | / / / / / /// / / / / / / / // / / / |/ / // / , / / // / / / / / //// //|///||/,/ / /// Live by the byte |// Members: Pr0T3cT10n -=M.o.B.=- TheLeader Sro Debug Contact: [email protected] -----------------------------------...

7.1AI score
Exploits0
exploitpack
exploitpackadded 2011/06/09 12:0 a.m.18 views

Aastra IP Phone 9480i - Web Interface Data Disclosure

Aastra IP Phone 9480i - Web Interface Data Disclosure / / / / / // | / // \ | / / / / / /// / / / / / / / // / / / |/ / // / , / / // / / / / / //// //|///||/,/ / /// Live by the byte |// Members: Pr0T3cT10n -=M.o.B.=- TheLeader Sro Debug Contact: [email protected]...

7.3AI score
Exploits0
Rows per page
Query Builder