Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

AlpineLinux
AlpineLinuxadded 2019/11/29 8:46 p.m.16 views

CVE-2015-1855

verifycertificateidentity in the OpenSSL extension in Ruby before 2.0.0 patchlevel 645, 2.1.x before 2.1.6, and 2.2.x before 2.2.2 does not properly validate hostnames, which allows remote attackers to spoof servers via vectors related to 1 multiple wildcards, 1 wildcards in IDNA names, 3 case...

5.9CVSS6.8AI score0.02815EPSS
Exploits0References6
OpenVAS
OpenVASadded 2016/05/12 12:0 a.m.39 views

Cisco NX-OS: OpenSSL Alternative Chains Certificate Forgery Vulnerability (July 2015) Affecting Cisco Products (cisco-sa-20150710-openssl)

On July 9, 2015, the OpenSSL Project released a security advisory detailing a vulnerability affecting applications that verify certificates, including SSL/Transport Layer Security TLS/Datagram Transport Layer Security DTLS clients and SSL/TLS/DTLS servers using client authentication. Copyright C...

6.5CVSS6.8AI score0.61798EPSS
Exploits6References2
Packet Storm
Packet Stormadded 2015/11/06 12:0 a.m.75 views

OpenSSL Alternative Chains Certificate Forgery

!/usr/bin/env ruby encoding: ASCII-8BIT By Ramon de C Valle. This work is dedicated to the public domain. require 'openssl' require 'optparse' require 'socket' Version = 0, 0, 1 Release = nil class String def hexdumpstream=$stdout 0.stepbytesize - 1, 16 do |i| stream.printf'%08x ', i 0.upto15 do...

6.4CVSS0.61798EPSS
Exploits6
Exploit DB
Exploit DBadded 2015/11/05 12:0 a.m.49 views

OpenSSL - Alternative Chains Certificate Forgery

!/usr/bin/env ruby encoding: ASCII-8BIT By Ramon de C Valle. This work is dedicated to the public domain. require 'openssl' require 'optparse' require 'socket' Version = 0, 0, 1 Release = nil class String def hexdumpstream=$stdout 0.stepbytesize - 1, 16 do |i| stream.printf'%08x ', i 0.upto15 do...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessusadded 2014/09/25 12:0 a.m.28 views

Google Chrome < 37.0.2062.124 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is a version prior to 37.0.2062.124. It is, therefore, affected by an issue in the Network Security Services NSS libraries. This issue is due to lenient parsing of ASN.1 values involved in a signature and could lead to the forgery of RSA...

7.5CVSS6.8AI score0.17004EPSS
Exploits0References2
ThreatPost
ThreatPostadded 2012/08/13 3:15 p.m.10 views

Analysis Reveals Flame Malware's Process Injection Tricks

As researchers continue to pull apart the Gauss malware code, looking for spreading mechanisms and infection vectors, there is still some work being done on Gauss’s cousin Flame, as well. New research from CERT Polska reveals how deeply Flame burrows itself into infected systems, showing that the...

0.8AI score
Exploits0References6
Rows per page
Query Builder