CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

56 matches found

CNNVD•added 2026/05/22 12:0 a.m.•5 views

Sunshine 信任管理问题漏洞

Sunshine is an Open Source Moonlight-based autonomous gaming streaming host developed by LizardByte. Earlier versions of Sunshine, such as 2026.516.143833, had vulnerabilities related to trust management. These vulnerabilities stemmed from improper handling of OpenSSL verification results. Custom...

9.8CVSS5.8AI score0.00041EPSS

Exploits1References2

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в firefox, thunderbird

The error page for sites with invalid TLS certificates lacked the activation-delay feature provided by Firefox to protect prompts and permission dialogs from attacks that exploit human response time delays. If a malicious page triggered user clicks at specific locations immediately before...

3.1CVSS6.3AI score0.00049EPSS

Exploits0References2

Broadcom•added 2026/05/19 12:0 a.m.•12 views

Security updated provided in Brocade ASCG 3.4.0b for container-tools (CVE-2024-24785, CVE-2025-61729, CVE-2025-65637)

Security update provided in Brocade ASCG before ASCG 3.4.0b CVE-2024-24785 Title: Errors returned from JSON marshaling may break template escaping in html/template Description If errors returned from MarshalJSON methods contain user controlled data, they may be used to break the contextual...

7.5CVSS5.8AI score0.00924EPSS

Exploits3

AstraLinux•added 2026/05/03 11:59 p.m.•4 views

Astra Linux - уязвимость в curl

When curl is instructed to use the Certificate Status Request TLS extension, also known as OCSP stapling, to verify that the server certificate is valid, it may fail to detect certain OCSP issues and instead incorrectly consider the response to be fine. If the returned status reports an error oth...

6.5CVSS6.9AI score0.00559EPSS

Exploits1References2

OSV•added 2025/12/04 11:41 a.m.•2 views

BIT-GOLANG-2025-61729 Excessive resource consumption when printing error string for host certificate validation in crypto/x509

Within HostnameError.Error, when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can...

7.5CVSS6.7AI score0.00019EPSS

Exploits2References5

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2020-0161

Malware in sbrugna...

4.3CVSS4.6AI score0.0065EPSS

Exploits0References23

Redos•added 2025/09/05 12:0 a.m.•2 views

ROS-20250905-07

A vulnerability in the user locking mechanism of the Vault Enterprise and Vault Community Edition enterprise data archiving platforms is due to the application not performing the correct normalization of the application. Enterprise and Vault Community Edition is related to the fact that the...

9.1CVSS7.2AI score0.00588EPSS

Exploits0

Tenable Nessus•added 2025/08/18 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2020-11054

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In qutebrowser versions less than 1.11.1, reloading a page with certificate errors shows a green URL. After a certificate error was overridden by the user,...

4.3CVSS5.5AI score0.0065EPSS

Exploits0References2

RedhatCVE•added 2025/05/22 10:12 p.m.•6 views

CVE-2022-48437

An issue was discovered in x509/x509verify.c in LibreSSL before 3.6.1, and in OpenBSD before 7.2 errata 001. x509verifyctxaddchain does not store errors that occur during leaf certificate verification, and therefore an incorrect error is returned. This behavior occurs when there is an installed...

5.3CVSS6.7AI score0.00283EPSS

Exploits0References1

Tenable Nessus•added 2025/02/07 12:0 a.m.•4 views

FreeBSD : mozilla -- multiple vulnerabilities (20485d27-e540-11ef-a845-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 20485d27-e540-11ef-a845-b42e991fc52e advisory. [email protected] reports: A bug in WebAssembly code generation could have lead to a crash...

9.8CVSS7.7AI score0.00308EPSS

Exploits0References9

Prion•added 2023/08/09 7:15 a.m.•25 views

Design/Logic Flaw

In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an unauthenticated remote attacker can access upload-functions of the HTTP API. This might cause certificate errors for SSL-connections and might result in a partial denial-of-service...

6.4CVSS8AI score0.00346EPSS

Exploits0References1Affected Software6

Positive Technologies•added 2023/08/08 12:0 a.m.•1 views

PT-2023-4528 · Phoenix Contact · Phoenix Contact Wp 6Xxx Series Web Panels

Name of the Vulnerable Software and Affected Versions: PHOENIX CONTACT WP 6xxx series web panels versions prior to 4.0.10 Description: The issue is related to insufficient authorization procedures in the web panels, allowing an unauthenticated remote attacker to access upload functions of the HTT...

8.5CVSS8AI score0.00346EPSS

Exploits0References6

RedHat Linux•added 2023/06/14 9:55 a.m.•3 views

Mozilla: Click-jacking certificate exceptions through rendering lag

The Mozilla Foundation Security Advisory describes this flaw as: The error page for sites with invalid TLS certificates was missing the activation-delay Firefox uses to protect prompts and permission dialogs from attacks that exploit human response time delays. If a malicious page elicited user...

3.1CVSS7.2AI score0.00049EPSS

Exploits0References6

RedHat Linux•added 2023/06/14 9:54 a.m.•2 views

Mozilla: Click-jacking certificate exceptions through rendering lag

3.1CVSS7.2AI score0.00049EPSS

Exploits0References6

RedHat Linux•added 2023/06/14 8:54 a.m.•3 views

Mozilla: Click-jacking certificate exceptions through rendering lag

3.1CVSS7.2AI score0.00049EPSS

Exploits0References6

RedHat Linux•added 2023/06/14 8:54 a.m.•2 views

Mozilla: Click-jacking certificate exceptions through rendering lag