Lucene search
K

8 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/09/08 2:27 p.m.4 views

Security Bulletin: IBM QRadar App SDK for IBM QRadar SIEM includes components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM has addressed the vulnerabilities. This product is only used by IBM QRadar SIEM app developers and external business partners and is not relevant for users o...

7.5CVSS6.9AI score0.66594EPSS
Exploits2Affected Software1
CNNVD
CNNVD
added 2025/07/08 12:0 a.m.8 views

Siemens SICAM TOOLBOX II 信任管理问题漏洞

Siemens SICAM TOOLBOX II is an engineering software from Siemens, Germany. A trust management issue vulnerability exists in Siemens SICAM TOOLBOX II that stems from a common name not being checked for device certificates, which could be exploited by an attacker to cause a man-in-the-middle attack...

8.1CVSS6.4AI score0.00173EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:50 a.m.3 views

SUSE CVE-2011-4318

Dovecot 2.0.x before 2.0.16, when ssl or starttls is enabled and hostname is used to define the proxy destination, does not verify that the server hostname matches a domain name in the subject's Common Name CN of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers...

5.8CVSS6.6AI score0.01321EPSS
Exploits0References3
OSV
OSV
added 2016/10/10 4:59 p.m.4 views

UBUNTU-CVE-2016-7099

The tls.checkServerIdentity function in Node.js 0.10.x before 0.10.47, 0.12.x before 0.12.16, 4.x before 4.6.0, and 6.x before 6.7.0 does not properly handle wildcards in name fields of X.509 certificates, which allows man-in-the-middle attackers to spoof servers via a crafted certificate...

5.9CVSS6.8AI score0.02841EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2013/12/19 12:0 a.m.43 views

FreeBSD : cURL library -- cert name check ignore with GnuTLS (4e1f4abc-6837-11e3-9cda-3c970e169bc2)

cURL project reports : libcurl is vulnerable to a case of missing out the checking of the certificate CN or SAN name field when the digital signature verification is turned off. libcurl offers two separate and independent options for verifying a server's TLS certificate. CURLOPTSSLVERIFYPEER and...

4CVSS5.6AI score0.02761EPSS
Exploits0References3
curl security advisories
curl security advisories
added 2013/12/17 8:0 a.m.9 views

cert name check ignore with GnuTLS

This issue is almost identical to the one named CVE-2013-4545, but this problem affects a different SSL backend. libcurl is vulnerable to a case of missing out the checking of the certificate CN or SAN name field when the digital signature verification is turned off. libcurl offers two separate a...

4CVSS5.5AI score0.02761EPSS
Exploits0Affected Software2
OSV
OSV
added 2013/12/17 8:0 a.m.7 views

CURL-CVE-2013-6422 cert name check ignore with GnuTLS

This issue is almost identical to the one named CVE-2013-4545, but this problem affects a different SSL backend. libcurl is vulnerable to a case of missing out the checking of the certificate CN or SAN name field when the digital signature verification is turned off. libcurl offers two separate a...

4CVSS3.6AI score0.02761EPSS
Exploits0
OSV
OSV
added 2013/11/15 8:0 a.m.4 views

CURL-CVE-2013-4545 cert name check ignore OpenSSL

libcurl is vulnerable to a case of missing out the checking of the certificate CN or SAN name field when the digital signature verification is turned off. libcurl offers two separate and independent options for verifying a server's TLS certificate. CURLOPTSSLVERIFYPEER and CURLOPTSSLVERIFYHOST. T...

4.3CVSS3.7AI score0.03076EPSS
Exploits0
Rows per page
Query Builder