Lucene search
K

13 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-25721

Malware in sbrugna...

5.9CVSS5.7AI score0.00831EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-25726

Malware in sbrugna...

5.9CVSS5.7AI score0.00866EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2016-20011

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libgrss through 0.7.0 fails to perform TLS certificate verification when downloading feeds, allowing remote attackers to manipulate the contents of feeds withou...

7.5CVSS6.2AI score0.01469EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2021/08/24 2:41 p.m.44 views

CVE-2021-39360

In GNOME libzapojit through 0.0.3, zpj-skydrive.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011...

7.5CVSS3.7AI score0.01469EPSS
Exploits0References3
Prion
Prion
added 2021/08/22 10:15 p.m.44 views

Code injection

In GNOME grilo though 0.3.13, grl-net-wc.c does not enable TLS certificate verification on the SoupSessionAsync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011...

4.3CVSS5.8AI score0.01469EPSS
Exploits0References4Affected Software2
NVD
NVD
added 2021/08/22 7:15 p.m.28 views

CVE-2021-39360

In GNOME libzapojit through 0.0.3, zpj-skydrive.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011...

5.9CVSS0.00831EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2021/08/22 7:15 p.m.32 views

CVE-2021-39358

In GNOME libgfbgraph through 0.2.4, gfbgraph-photo.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011...

5.9CVSS6.2AI score0.00708EPSS
Exploits0References3
Prion
Prion
added 2021/08/22 7:15 p.m.26 views

Code injection

In GNOME evolution-rss through 0.3.96, network-soup.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011...

4.3CVSS5.7AI score0.01469EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2021/08/22 7:15 p.m.22 views

Code injection

In GNOME libgda through 6.0.0, gda-web-provider.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011...

4.3CVSS5.7AI score0.01469EPSS
Exploits0References4Affected Software2
Prion
Prion
added 2021/08/22 7:15 p.m.27 views

Code injection

In GNOME libzapojit through 0.0.3, zpj-skydrive.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011...

4.3CVSS5.7AI score0.01469EPSS
Exploits0References5Affected Software2
Cvelist
Cvelist
added 2021/08/22 6:46 p.m.30 views

CVE-2021-39361

In GNOME evolution-rss through 0.3.96, network-soup.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011...

6.7AI score0.00557EPSS
Exploits0References2
Mageia
Mageia
added 2021/07/12 8:26 p.m.39 views

Updated libgrss packages fix security vulnerability

libgrss does not perform any TLS certificate verification because it uses the deprecated SoupSessionAsync, which requires manually enabling certificate verification, rather than a modern SoupSession that has good defaults CVE-2016-20011...

7.5CVSS2.5AI score0.01469EPSS
Exploits0References2
CVE
CVE
added 2021/05/25 8:9 p.m.146 views

CVE-2016-20011

CVE-2016-20011 affects libgrss up to version 0.7.0. The issue is that TLS certificate verification is not performed when downloading feeds due to the default behavior of SoupSessionSync, allowing a remote attacker to manipulate feed contents without detection (MITM). The connected Nessus items co...

7.5CVSS6.3AI score0.01469EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder