Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

118 matches found

Tenable Nessus
Tenable Nessusadded 2026/06/01 12:0 a.m.12 views

RHEL 10 : go-fdo-client and go-fdo-server (RHSA-2026:22141)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:22141 advisory. This package provides a server-side implementation of the FIDO Device Onboard FDO specification, written in Go. FDO is an open standard fo...

10CVSS7.3AI score0.00022EPSS
Exploits1References11
Tenable Nessus
Tenable Nessusadded 2026/05/29 12:0 a.m.10 views

Erlang/OTP 19.3 < 26.2.5.21 / 27.0 < 27.3.4.12 / 28.0 < 28.5.0.1 / 29.0 < 29.0.1 DNS nameConstraints Bypass (CVE-2026-42790)

The version of Erlang/OTP installed on the remote host is 19.3 prior to 26.2.5.21, 27.0 prior to 27.3.4.12, 28.0 prior to 28.5.0.1, or 29.0 prior to 29.0.1. It is, therefore, affected by a vulnerability: - Improper Certificate Validation vulnerability in Erlang OTP publickey pubkeycert and...

8.1CVSS5.8AI score0.00021EPSS
Exploits0References2
RedHat Linux
RedHat Linuxadded 2026/05/19 9:46 p.m.8 views

Important: Red Hat Security Advisory: opentelemetry-collector security update

An update for opentelemetry-collector is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.1CVSS6.9AI score0.00044EPSS
Exploits1References9
Amazon
Amazonadded 2026/04/14 12:0 a.m.8 views

Important: amazon-efs-utils

Issue Overview: time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via stack exhaustion is possible. The attack relies on formally deprecated and rarely-used...

9.1CVSS5.8AI score0.00041EPSS
Exploits0
Positive Technologies
Positive Technologiesadded 2026/04/09 12:0 a.m.1 views

PT-2026-31749

An Improper Following of a Certificate's Chain of Trust vulnerability in J-Web of Juniper Networks Junos OS on SRX Series allows a PITM to intercept the communication of the device and get access to confidential information and potentially modify it. When an SRX device is provisioned to connect t...

8.3CVSS5.9AI score0.00026EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2026/04/01 12:0 a.m.9 views

Amazon Linux 2023 : mount-s3 (ALAS2023-2026-1510)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1510 advisory. time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via...

8.7CVSS5.9AI score0.00041EPSS
Exploits0References10
Github Security Blog
Github Security Blogadded 2026/03/23 3:30 p.m.1 views

HybridAuth Has Improper SSL Certificate Validation in Curl HTTP Client

A vulnerability was found in HybridAuth up to 3.12.2. This issue affects some unknown processing of the file src/HttpClient/Curl.php of the component SSL Handler. The manipulation of the argument curlOptions results in improper certificate validation. The attack can be launched remotely. This...

6.3CVSS5.5AI score0.00026EPSS
Exploits0References6Affected Software1
Rosalinux
Rosalinuxadded 2026/03/22 9:2 p.m.7 views

Advisory ROSA-SA-2026-3234

software: curl 8.7.1 OS: ROSA-CHROME unaffected versions = curl-8.7.1-6 affected versions curl-8.7.1-6 CVE-ID: CVE-2025-14017 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: In multi-threaded LDAPS transfers in libcurl, changing TLS options in one thread changed them globally and could affect other...

6.3CVSS6AI score0.00003EPSS
Exploits0
Vulnrichment
Vulnrichmentadded 2026/03/11 8:21 p.m.2 views

CVE-2026-2368

An improper certificate validation vulnerability was reported in the Lenovo Filez application that could allow a user capable of intercepting network traffic to execute arbitrary code...

7.5CVSS6AI score0.00013EPSS
Exploits0References1
NVD
NVDadded 2026/02/23 4:29 p.m.3 views

CVE-2025-70044

An issue pertaining to CWE-295: Improper Certificate Validation was discovered in fofolee uTools-quickcommand 5.0.3...

6.5CVSS0.00023EPSS
Exploits0References3
Debian CVE
Debian CVEadded 2026/02/19 10:27 p.m.6 views

CVE-2026-24122

Cosign provides code signing and transparency for containers and binaries. In versions 3.0.4 and below, an issuing certificate with a validity that expires before the leaf certificate will be considered valid during verification even if the provided timestamp would mean the issuing certificate...

3.7CVSS5.3AI score0.00011EPSS
Exploits2
RedhatCVE
RedhatCVEadded 2026/02/06 7:34 p.m.3 views

CVE-2025-15557

An Improper Certificate Validation vulnerability in TP-Link Tapo H100 v1 and Tapo P100 v1 allows an on-path attacker on the same network segment to intercept and modify encrypted device-cloud communications. This may compromise the confidentiality and integrity of device-to-cloud communication,...

8.8CVSS5.4AI score0.0001EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/01/23 12:0 a.m.30 views

CVE-2025-67229

An improper certificate validation vulnerability exists in ToDesktop Builder v0.32.1 This vulnerability allows an unauthenticated, on-path attacker to spoof backend responses by exploiting insufficient certificate validation...

0.00018EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2026/01/20 12:0 a.m.6 views

MiracleLinux 7 : java-11-openjdk-11.0.19.0.7-1.el7 (AXSA:2023-5304:06)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5304:06 advisory. OpenJDK: improper connection handling during TLS handshake 8294474 CVE-2023-21930 OpenJDK: Swing HTML parsing issue 8296832 CVE-2023-21939 OpenJDK:...

7.4CVSS7.9AI score0.01156EPSS
Exploits1References8
RedhatCVE
RedhatCVEadded 2026/01/09 11:55 a.m.3 views

CVE-2018-4436

A certificate validation issue existed in configuration profiles. This was addressed with additional checks. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2...

7.5CVSS6.5AI score0.00119EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2025/10/21 12:0 a.m.4 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : go1.24 (SUSE-SU-2025:3682-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:3682-1 advisory. go1.24.9 released 2025-10-13 includes fixes to the crypto/x509 package. bsc1236217 crypto/x509:...

7.5CVSS7.2AI score0.00044EPSS
Exploits0References32
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2018-16635

Malware in sbrugna...

7.4CVSS7.5AI score0.00104EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2020-0052

Malware in sbrugna...

7.5CVSS7.4AI score0.00198EPSS
Exploits1References10
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2003-0941

Malware in sbrugna...

7.5CVSS6.4AI score0.00355EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2018-11617

Malware in sbrugna...

5.9CVSS6AI score0.001EPSS
Exploits0References2
Rows per page
Query Builder