Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

SUSE CVE
SUSE CVEadded 2023/02/15 6:1 a.m.2 views

SUSE CVE-2009-4565

sendmail before 8.14.4 does not properly handle a '\0' character in a Common Name CN field of an X.509 certificate, which 1 allows man-in-the-middle attackers to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate Certification Authority, and 2 allows...

7.5CVSS7.5AI score0.00771EPSS
Exploits1References4
Tenable Nessus
Tenable Nessusadded 2009/08/21 12:0 a.m.49 views

Mozilla Thunderbird < 2.0.0.23 Certificate Authority (CA) Common Name Null Byte Handling SSL MiTM Weakness

The installed version of Thunderbird is earlier than 2.0.0.23. Such versions are potentially affected by the following security issue : - The client can be fooled into trusting a malicious SSL server certificate with a null character in the host name. MFSA 2009-42 C Tenable Network Security, Inc...

6.8CVSS7.3AI score0.01855EPSS
Exploits4References2
RedHat Linux
RedHat Linuxadded 2009/07/30 10:9 p.m.2 views

firefox/nss: doesn't handle NULL in Common Name properly

Mozilla Network Security Services NSS before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a '\0' character in a domain name in the subject's Common Name CN field of an X.509 certificate, which allows man-in-the-middle attackers to...

6.8CVSS7AI score0.01855EPSS
Exploits4References4
Rows per page
Query Builder