Design/Logic Flaw

GnuTLS before 2.9.10 does not verify the activation and expiration dates of CA certificates, which allows man-in-the-middle attackers to spoof servers via a certificate issued by a CA certificate that is 1 not yet valid or 2 no longer valid...

CVE-2014-8155

GnuTLS before 2.9.10 does not verify the activation and expiration dates of CA certificates, which allows man-in-the-middle attackers to spoof servers via a certificate issued by a CA certificate that is 1 not yet valid or 2 no longer valid...

Amazon Linux AMI : gnutls (ALAS-2015-575)

It was found that GnuTLS did not check activation and expiration dates of CA certificates. This could cause an application using GnuTLS to incorrectly accept a certificate as valid when its issuing CA is already expired. CVE-2014-8155 It was found that GnuTLS did not verify whether a hashing...

w3schools.com XSS vulnerability

Vulnerable URL: http://www.w3schools.com/css/tryitview.asp?x=0.3865461222300134 Details: Description| Value ---|--- Patched:| Yes, at 27.01.2017 Latest check for patch:| 27.01.2017 08:38 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 206 Google Pagerank| 7 VIP...

gnutls: gnutls does not perform date/time checks on CA certificates

It was found that GnuTLS did not check activation and expiration dates of CA certificates. This could cause an application using GnuTLS to incorrectly accept a certificate as valid when its issuing CA is already expired...

Cryptowall 3.0 Infections Spike from Angler EK, Malicious Spam

Since the Angler Exploit Kit began in late May spreading Cryptowall 3.0 ransomware, traffic containing the malware has continued to grow, putting more potential victims in harm’s way. Today, the SANS Internet Storm Center reported that Cryptowall 3.0 infections are emanating from not only the...

CVE-2015-3043

creationtimestamp| type| source ---|---|--- 2015-04-20 06:14:06+00:00| seen| MISP/553498df-ff70-43d0-b067-4cf3950d210b 2015-07-08 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/37536 2015-10-15 22:07:38+00:00| seen| MISP/56201e1d-f4dc-4ddd-8049-4f2e950d210b 2017-04-26...

PT-2015-4018 · Gnu +4 · Gnutls +4

Name of the Vulnerable Software and Affected Versions: GnuTLS versions prior to 2.9.10 Description: The issue allows man-in-the-middle attackers to spoof servers via a certificate issued by a CA certificate that is either not yet valid or no longer valid, due to the failure to verify the activati...

CVE-2015-0002

creationtimestamp| type| source ---|---|--- 2015-01-01 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/35661 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/ntapphelpcachecontrol.rb 2025-02-06 03:13:42+00:00...

php: xmlrpc ISO8601 date format parsing out-of-bounds read in mkgmtime()

An out of bounds read flaw was found in the way the xmlrpc extension parsed dates in the ISO 8601 format. A specially crafted XML-RPC request or response could possibly cause a PHP application to crash...

CVE-2014-6446

creationtimestamp| type| source ---|---|--- 2014-10-09 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/34925 2017-07-11 02:04:41+00:00| published-proof-of-concept| https://t.me/HackingPublicoficial/162 2018-05-29 15:50:33+00:00| seen|...

SSL/TLS Certificate Validity Dates Detection

Binary data 7126.pasl...

CVE-2014-3913

creationtimestamp| type| source ---|---|--- 2014-06-19 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/33817 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/ericomaccessnowbof.rb 2025-02-06 03:13:41+00:00|...

CVE-2014-3120

creationtimestamp| type| source ---|---|--- 2014-05-15 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/33370 2014-05-30 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/33588 2014-10-20 06:04:12+00:00| seen| MISP/5444a4b6-a7b8-41f0-8f49-45c7950d210b 2018-05-29...

MGASA-2014-0160 Updated moodle packages fix multiple security vulnerabilities

Updated moodle package fixes security vulnerabilities: In Moodle before 2.4.9, question strings were not being filtered correctly possibly allowing cross site scripting, as quizquestiontostring can cause invalid HTML CVE-2014-2571. Feedback Availability dates not honored in complete.php in Moodle...

Sql injection

Multiple SQL injection vulnerabilities in Gnew 2013.1 allow remote attackers to execute arbitrary SQL commands via the 1 newsid parameter to news/send.php, 2 threadid parameter to posts/edit.php, or 3 useremail parameter to users/password.php or 4 users/register.php. NOTE: these issues were SPLIT...

CVE-2013-5877

creationtimestamp| type| source ---|---|--- 2014-03-01 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/31992 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/oracledemantrafileretrieval.rb 2025-02-06...

Adobe ColdFusion Unsupported Version Detection (credentialed check)

According to its version, the installation of Adobe ColdFusion running on the remote host is no longer supported. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is likely to contain security vulnerabilities. C Tenable Network...

CVE-2013-3631

creationtimestamp| type| source ---|---|--- 2013-10-31 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/29320 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/nas4freephpexec.rb 2025-02-06 03:13:41+00:00| seen|...

CVE-2013-2465

creationtimestamp| type| source ---|---|--- 2013-08-19 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/27705 2013-09-05 07:51:03+00:00| seen| MISP/5228311f-08d0-42fd-86a4-3f1cac1d4fa4 2014-01-15 10:35:25+00:00| seen| MISP/52d6636d-b21c-468f-aa25-4b3c950d2109 2014-02-27...