CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2025/12/03 9:31 p.m.•2 views

EUVD-2025-201106

An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. For example a constraint that excludes the subdomain test.example.com does not prevent a leaf certificate from claiming the SAN .example.com...

6.5CVSS6.3AI score0.00008EPSS

Exploits0References5

OSV•added 2025/11/21 3:59 p.m.•2 views

JLSEC-2025-231 Mbed TLS before 3.6.4 allows a use-after-free in certain situations of applications that are develop...

Mbed TLS before 3.6.4 allows a use-after-free in certain situations of applications that are developed in accordance with the documentation. The function mbedtlsx509stringtonames takes a head argument that is documented as an output argument. The documentation does not suggest that the function...

9.8CVSS7AI score0.0843EPSS

Exploits2References4

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2004-1995

Malware in sbrugna...

7.5CVSS6.4AI score0.07404EPSS

Exploits1References6

RedHat Linux•added 2023/10/05 8:18 p.m.•1 views

bouncycastle: potential blind LDAP injection attack using a self-signed certificate

A flaw was found in Bouncy Castle 1.73. This issue targets the fix of LDAP wild cards. Before the fix there was no validation for the X.500 name of any certificate, subject, or issuer, so the presence of a wild card may lead to information disclosure. This could allow a malicious user to obtain...

5.3CVSS6.7AI score0.00326EPSS

Exploits0References5

NVD•added 2023/05/04 11:15 p.m.•8 views

CVE-2023-1894

A Regular Expression Denial of Service ReDoS issue was discovered in Puppet Server 7.9.2 certificate validation. An issue related to specifically crafted certificate names significantly slowed down server operations...

5.3CVSS5.4AI score0.00064EPSS

OSV•added 2023/05/04 11:15 p.m.•22 views

CVE-2023-1894

5.3CVSS6.9AI score0.00064EPSS

Prion•added 2023/05/04 11:15 p.m.•17 views

Input validation

5CVSS5.4AI score0.00064EPSS

Exploits0References1Affected Software2

RedHat Linux•added 2020/08/10 3:17 p.m.•1 views

OpenJDK: HostnameChecker does not ensure X.509 certificate names are in normalized form (JSSE, 8237592)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to...

Tenable Nessus•added 2020/08/10 12:0 a.m.•262 views

RHEL 8 : java-1.8.0-ibm (RHSA-2020:3386)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3386 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE ...

8.3CVSS6.8AI score0.01018EPSS

Exploits0References22

Tenable Nessus•added 2020/08/07 12:0 a.m.•36 views

RHEL 7 : java-11-openjdk (RHSA-2020:2969)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2969 advisory. The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixe...

8.3CVSS6.6AI score0.01018EPSS

Exploits0References16

Tenable Nessus•added 2020/08/07 12:0 a.m.•53 views

CentOS 7 : java-11-openjdk (RHSA-2020:2969)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2969 advisory. - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 8u25...

8.3CVSS6.4AI score0.01018EPSS

Exploits0References8

Tenable Nessus•added 2020/07/22 12:0 a.m.•33 views

RHEL 8 : java-11-openjdk (RHSA-2020:3098)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3098 advisory. The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixe...

8.3CVSS6.6AI score0.01018EPSS

Exploits0References16

RedHat Linux•added 2020/07/16 4:38 p.m.•3 views

OpenJDK: HostnameChecker does not ensure X.509 certificate names are in normalized form (JSSE, 8237592)

RedHat Linux•added 2020/07/16 9:59 a.m.•2 views

OpenJDK: HostnameChecker does not ensure X.509 certificate names are in normalized form (JSSE, 8237592)

RedHat Linux•added 2020/07/16 9:40 a.m.•1 views

OpenJDK: HostnameChecker does not ensure X.509 certificate names are in normalized form (JSSE, 8237592)

RedHat Linux•added 2020/07/16 8:54 a.m.•2 views

OpenJDK: HostnameChecker does not ensure X.509 certificate names are in normalized form (JSSE, 8237592)

OSV•added 2016/10/10 4:59 p.m.•0 views

UBUNTU-CVE-2016-7099

The tls.checkServerIdentity function in Node.js 0.10.x before 0.10.47, 0.12.x before 0.12.16, 4.x before 4.6.0, and 6.x before 6.7.0 does not properly handle wildcards in name fields of X.509 certificates, which allows man-in-the-middle attackers to spoof servers via a crafted certificate...

5.9CVSS6.8AI score0.00718EPSS

CNVD•added 2016/05/12 12:0 a.m.•1 views

Adobe ColdFusion Man-in-the-Middle Attack Vulnerability

Adobe ColdFusion is the United States of America Audobee Adobe a dynamic Web server products, which runs the CFML ColdFusion Markup Language is a programming language for Web applications. A man-in-the-middle attack vulnerability exists in Adobe ColdFusion, which stems from the program's failure ...

5.9CVSS6.7AI score0.02491EPSS