Lucene search
K

12 matches found

CNNVD
CNNVD
added 2026/05/05 12:0 a.m.12 views

Apache Thrift 安全漏洞

Apache Thrift is a framework for cross-platform development developed by the Apache Foundation in the United States. Versions of Apache Thrift prior to 0.23.0 contained a security vulnerability, which was caused by improper validation of certificate-hostname mismatches...

7.3CVSS5.8AI score0.00632EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/04 3:15 a.m.6 views

CVE-2026-24932

The DDNS update function in ADM fails to properly validate the hostname of the DDNS server's TLS/SSL certificate. Although the connection uses HTTPS, an improper validated TLS/SSL certificates allows a remote attacker can intercept the communication to perform a Man-in-the-Middle MitM attack, whi...

8.9CVSS5.5AI score0.00206EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-0279

Malicious code in bioql PyPI...

7.5CVSS7.4AI score0.00469EPSS
Exploits0References9
CNNVD
CNNVD
added 2025/05/07 12:0 a.m.4 views

JRuby-OpenSSL 安全漏洞

JRuby-OpenSSL is an add-on gem for JRuby from the JRuby team. A security vulnerability exists in JRuby-OpenSSL versions prior to 0.12.1 through 0.15.4, which stems from insufficient certificate hostname validation and could lead to a man-in-the-middle attack...

7.1CVSS6.3AI score0.00158EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/05/16 10:31 a.m.9 views

CVE-2024-35299

In JetBrains YouTrack before 2024.1.29548 the SMTPS protocol communication lacked proper certificate hostname validation...

5.9CVSS7AI score0.00275EPSS
Exploits0References1
OSV
OSV
added 2022/12/25 6:30 a.m.3 views

GHSA-Q6CQ-M9GM-6Q2F Slixmpp lacks SSL Certificate hostname validation in XMLStream

Slixmpp before 1.8.3 lacks SSL Certificate hostname validation in XMLStream, allowing an attacker to pose as any server in the eyes of Slixmpp...

7.5CVSS5.9AI score0.00469EPSS
Exploits0References8
PyPA
PyPA
added 2022/12/25 5:15 a.m.6 views

PYSEC-2022-43013

Slixmpp before 1.8.3 lacks SSL Certificate hostname validation in XMLStream, allowing an attacker to pose as any server in the eyes of Slixmpp...

7.5CVSS6.9AI score0.00469EPSS
Exploits0References5Affected Software1
Mageia
Mageia
added 2022/12/17 6:48 p.m.31 views

Updated python-slixmpp packages fix security vulnerability

Fixes missing certificate hostname validation...

7.5CVSS1.6AI score0.00469EPSS
Exploits0References2
OSV
OSV
added 2022/12/10 11:1 p.m.5 views

OPENSUSE-SU-2022:10242-1 Security update for python-slixmpp

This update for python-slixmpp fixes the following issues: - CVE-2022-45197: Fixed certificate hostname validation boo1205433...

7.5CVSS7.5AI score0.00469EPSS
Exploits0References3
OSV
OSV
added 2022/05/17 1:38 a.m.4 views

GHSA-5JC8-8XHV-G8QM Improper Input Validation in XFire

Codehaus XFire 1.2.6 and earlier, as used in the Amazon EC2 API Tools Java library and other products, does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof...

7.4CVSS7.2AI score0.00778EPSS
Exploits1References3
OSV
OSV
added 2018/09/10 2:29 p.m.2 views

DEBIAN-CVE-2016-7075

It was found that Kubernetes as used by Openshift Enterprise 3 did not correctly validate X.509 client intermediate certificate host name fields. An attacker could use this flaw to bypass authentication requirements by using a specially crafted X.509 certificate...

8.1CVSS7AI score0.01568EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2012/11/04 12:0 a.m.7 views

PT-2012-6129 · Codehaus · Xfire

Name of the Vulnerable Software and Affected Versions: Codehaus XFire versions 1.2.6 and earlier Description: The issue allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate because it does not verify that the server hostname matches a domain name in the...

7.4CVSS7.3AI score0.00778EPSS
Exploits1References4
Rows per page
Query Builder