Lucene search
K

9 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/08 11:0 a.m.7 views

CVE-2026-50752

A weakness in the certificate validation logic of the deprecated IKEv1 key exchange may allow an unauthenticated attacker positioned as a man-in-the-middle to bypass certificate validation in VPN site-to-site connections that use certificate-based authentication. Successful exploitation could all...

7.4CVSS5.8AI score0.04859EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.10 views

PT-2026-47708

CVE-2024-56121 - OpenSSL: Improper Certificate Validation Weakness CVE ID :CVE-2024-56121 Published : June 8, 2026, 10:16 a.m. | 44 minutes ago Description :Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more...

5.3AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/07 12:0 a.m.16 views

PT-2026-47277

Name of the Vulnerable Software and Affected Versions Check Point Security Gateways and Check Point Spark Firewall affected versions not specified Description A weakness in the certificate validation logic of the deprecated IKEv1 Internet Key Exchange version 1 key exchange allows an...

7.4CVSS5.7AI score0.04859EPSS
Exploits0References30
Veracode
Veracode
added 2026/05/09 5:37 a.m.8 views

Improper Certificate Validation

CKAN is vulnerable to Improper Certificate Validation. The vulnerability is due to insufficient validation of SMTP server certificates, allowing attackers to spoof the configured mail server using invalid or self-signed certificates and enabling man-in-the-middle attacks against email traffic and...

8.7CVSS5.8AI score0.00194EPSS
Exploits0References3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/24 2:10 p.m.11 views

Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to handshake corruption due to the crypto/tls package (CVE-2025-68121)

Summary Crypto/tls is used as part of secure encryption by DataStage on Cloud Pak for Data. Vulnerability Details CVEID:CVE-2025-68121 DESCRIPTION: During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the...

10CVSS5.9AI score0.00765EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/28 4:41 p.m.9 views

Security Bulletin: Allocation of resources without limits, heap-buffer-overread, and other vulnerabilities might affect IBM Storage Defender - Resiliency Service

Summary IBM Storage Defender - Resiliency service is vulnerable to allocation of resources without limits, heap-buffer-overread, and others. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2025-32988 DESCRIPTION: A flaw was found in GnuTLS. A double-free vulnerability...

9.8CVSS7.6AI score0.01185EPSS
Exploits1Affected Software1
GithubExploit
GithubExploit
added 2025/09/10 2:28 a.m.115 views

Exploit for CVE-2025-46408

CVE-2025-46408 Improper Hostname Verification in EagleEyes...

8.8CVSS6.7AI score0.00611EPSS
Exploits4
OSV
OSV
added 2019/02/05 6:29 p.m.4 views

CVE-2017-1200

IBM BigFix Compliance 1.7 through 1.9.91 TEMA SUAv1 SCA SCM does not validate, or incorrectly validates, a certificate.This weakness might allow an attacker to spoof a trusted entity by using a man-in-the-middle MITM attack. The software might connect to a malicious host while believing it is a...

5.9CVSS5.8AI score0.00644EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2014/02/24 12:0 a.m.19 views

Apple iOS 6.x < 6.1.6 'SSLVerifySignedServerKeyExchange' Certificate Validation Weakness

Binary data appleios616check.nbin...

7.4CVSS7.3AI score0.05715EPSS
Exploits6References5
Rows per page
Query Builder