8 matches found

CNNVD
added 2026/02/20 12:00 a.m. | 8 views

uTLS Security Vulnerability

uTLS is an open-source Go language codebase developed by Refraction Networking. Versions of uTLS 1.6.7 and earlier contain security vulnerabilities. These vulnerabilities stem from the lack of a TLS 1.3 downgrade protection mechanism, which could lead to connection downgrade attacks...

6.5 CVSS | 5.8 AI score | 0.00268 EPSS
Exploits: 0 | References: 4

Tenable Nessus
added 2025/03/05 12:00 a.m. | 7 views

Linux Distros Unpatched Vulnerability : CVE-2024-28755

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When an SSL context was reset with the mbedtls_ssl_session_reset API, the maximum TLS version to be...

6.5 CVSS | 5.9 AI score | 0.00403 EPSS
Exploits: 0 | References: 3

OSV
added 2024/08/12 4:15 p.m. | 22 views

CVE-2024-41909

Like many other SSH implementations, Apache MINA SSHD suffered from the issue that is more widely known as CVE-2023-48795. An attacker that can intercept traffic between client and server could drop certain packets from the stream, potentially causing client and server to consequently end up with...

5.9 CVSS | 7.1 AI score
Exploits: 0 | References: 3

Tenable Nessus
added 2024/05/30 12:00 a.m. | 36 views

EulerOS 2.0 SP12 : libssh2 (EulerOS-SA-2024-1765)

According to the versions of the libssh2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass...

5.9 CVSS | 7.1 AI score | 0.93305 EPSS
Exploits: 4 | References: 2

Tenable Nessus
added 2023/12/18 12:00 a.m. | 108 views

Amazon Linux 2023 : openssh, openssh-clients, openssh-keycat (ALAS2023-2023-462)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-462 advisory. AWS is aware of CVE-2023-48795, also known as Terrapin, which is found in the SSH protocol and affects SSH channel integrity. A protocol extension has been introduced by OpenSSH which needs to be applie...

5.9 CVSS | 6.7 AI score | 0.93305 EPSS
Exploits: 4 | References: 4

RedHat Linux
added 2020/12/14 12:58 p.m. | 3 views

postgresql: Reconnection can downgrade connection security settings

A flaw was found in postgresql. If a client application that creates additional database connections only reuses the basic connection parameters while dropping security-relevant parameters, an opportunity for a man-in-the-middle attack, or the ability to observe clear-text transmissions, could...

8.1 CVSS | 7.1 AI score | 0.01574 EPSS
Exploits: 0 | References: 5

OSV
added 2019/03/07 4:34 p.m. | 6 views

MGASA-2019-0103 Updated gnutls packages fix security vulnerability

A Bleichenbacher-type side-channel based padding oracle attack was found in the way gnutls handles verification of RSA decrypted PKCS#1 v1.5 data. An attacker who is able to run a process on the same physical core as the victim process could use this to extract plaintext or in some cases downgrade...

5.6 CVSS | 5.2 AI score | 0.00573 EPSS
Exploits: 0 | References: 3

Tenable Nessus
added 2013/04/26 12:00 a.m. | 37 views

Puppet Multiple Vulnerabilities (2013/03/12)

According to its self-reported version number, the version of Puppet Open Source or Puppet Enterprise running on the remote host has the following vulnerabilities : - A vulnerability that allows an authenticated client to execute arbitrary code on a puppet master. CVE-2013-1640 - A vulnerability...

9 CVSS | 6.2 AI score | 0.04927 EPSS
Exploits: 0 | References: 8