Lucene search
K

32 matches found

CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

Apache Airflow 信任管理问题漏洞

Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. Versions of Apache Airflow prior to 3.2.2 contained a trust management vulnerability. This vulnerability stemmed from the...

5.9CVSS5.4AI score0.00185EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/07 6:47 p.m.13 views

EUVD-2026-28428

PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, on GnuTLS builds, the SIP TLS transport siptransporttls can accept connections with invalid or untrusted certificates even when the application explicitly enables certificate verification via...

8.2CVSS5.7AI score0.00161EPSS
Exploits0References3
OSV
OSV
added 2026/05/04 1:12 p.m.7 views

JLSEC-2026-418 When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP...

When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it might fail to detect some OCSP problems and instead wrongly consider the response as fine. If the returned status reports another error tha...

6.5CVSS5.8AI score0.00729EPSS
Exploits1References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2002-1454

Malware in sbrugna...

5CVSS6.4AI score0.00923EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2014-6619

Malware in sbrugna...

5.4CVSS6.4AI score0.00266EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-6814

Malware in sbrugna...

5.4CVSS6.4AI score0.00266EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2019-8337

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In msmtp 1.8.2 and mpop 1.4.3, when tlstrustfile has its default configuration, certificate-verification results are not properly checked. CVE-2019-8337 Note th...

5.3CVSS5.6AI score0.00919EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/06/14 9:15 a.m.6 views

CVE-2022-29482

'Mobaoku-Auction&Flea Market' App for iOS versions prior to 5.5.16 improperly verifies server certificates, which may allow an attacker to eavesdrop on an encrypted communication via a man-in-the-middle attack...

4.3CVSS5.9AI score0.00344EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2021/06/09 2:15 a.m.2 views

CVE-2021-20732

The ATOM ATOM - Smart life App for Android versions prior to 1.8.1 and ATOM - Smart life App for iOS versions prior to 1.8.2 does not verify server certificate properly, which allows man-in-the-middle attackers to eavesdrop on encrypted communication via a crafted certificate...

5.9CVSS6AI score0.00486EPSS
Exploits0References2
OSV
OSV
added 2020/12/24 2:15 a.m.4 views

CVE-2020-5684

iSM client versions from V5.1 prior to V12.1 running on NEC Storage Manager or NEC Storage Manager Express does not verify a server certificate properly, which allows a man-in-the-middle attacker to eavesdrop on an encrypted communication or alter the communication via a crafted certificate...

4.8CVSS5.8AI score0.00331EPSS
Exploits0References2
OSV
OSV
added 2020/07/02 1:15 p.m.4 views

CVE-2020-5909

In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, when users run the command displayed in NGINX Controller user interface UI to fetch the agent installer, the server TLS certificate is not verified...

5.4CVSS6.1AI score0.004EPSS
Exploits0References1
OSV
OSV
added 2019/12/23 6:15 p.m.4 views

CVE-2019-6687

On versions 15.0.0-15.0.1.1, the BIG-IP ASM Cloud Security Services profile uses a built-in verification mechanism that fails to properly authenticate the X.509 certificate of remote endpoints...

7.4CVSS7.2AI score0.00483EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2018/03/27 4:40 a.m.1 views

iRemoconWiFi App for Android fails to verify SSL server certificates

Overview iRemoconWiFi App for Android provided by Glamo Inc. fails to verify SSL server certificates. Seigo Yamamoto of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A man-in-the-middle attac...

7.4CVSS6.5AI score0.00536EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2017/06/16 12:29 p.m.2 views

CVE-2017-9584

The "HBO Mobile Banking" by Heritage Bank of Ozarks app 3.0.0 -- aka hbo-mobile-banking/id860224933 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.9CVSS5.5AI score0.00486EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2017/06/16 12:29 p.m.2 views

CVE-2017-9593

The "Oculina Mobile Banking" by Oculina Bank app 3.0.0 -- aka oculina-mobile-banking/id867025690 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.9CVSS5.5AI score0.00486EPSS
Exploits0References3
OSV
OSV
added 2017/06/16 12:29 p.m.5 views

CVE-2017-9571

The Citizens Community Bank TN ccb-mobile-banking/id610030469 app 3.0.1 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.9CVSS5.8AI score0.00486EPSS
Exploits0References1
OSV
OSV
added 2017/06/16 12:29 p.m.2 views

CVE-2017-9576

The "Middleton Community Bank Mobile Banking" by Middleton Community Bank app 3.0.0 -- aka middleton-community-bank-mobile-banking/id721843238 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information vi...

5.9CVSS5.8AI score0.00486EPSS
Exploits0References1
OSV
OSV
added 2017/06/16 12:29 p.m.5 views

CVE-2017-9561

The Lee Bank & Trust lbtc-mobile/id1068984753 app 3.0.1 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.9CVSS5.8AI score0.00486EPSS
Exploits0References1
OSV
OSV
added 2017/06/16 12:29 p.m.4 views

CVE-2017-9563

The First Citizens Community Bank fccb/id809930960 app 3.0.1 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

5.9CVSS5.8AI score0.00486EPSS
Exploits0References1
OSV
OSV
added 2017/06/16 12:29 p.m.4 views

CVE-2017-9581

The "Algonquin State Bank Mobile Banking" by Algonquin State Bank app 3.0.0 -- aka algonquin-state-bank-mobile-banking/id1089657735 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted...

5.9CVSS5.8AI score0.00486EPSS
Exploits0References1
Rows per page
Query Builder