20721 matches found

EUVD
added 2026/04/27 11:40 p.m. | 14 views

EUVD-2026-25957

Specific firmware versions of Milesight AIOT cameras use SSL certificates with default private keys...

CVSS 9.8 | AI score 5.1 | EPSS 0.00218
Exploits: 0 | References: 3
ATTACKERKB
added 2026/04/27 11:34 p.m. | 2 views

CVE-2026-40976

In certain circumstances, Spring Boot's default web security is ineffective, allowing unauthorized access to all endpoints. For an application to be vulnerable, it must: be a servlet-based web application; have no Spring Security configuration of its own and rely on the default web security filter...

CVSS 9.1 | AI score 5.3 | EPSS 0.00489
Exploits: 0 | References: 2 | Affected Software: 1
EUVD
added 2026/04/27 11:34 p.m. | 6 views

EUVD-2026-25940

In certain circumstances, Spring Boot's default web security is ineffective, allowing unauthorized access to all endpoints. For an application to be vulnerable, it must: be a servlet-based web application; have no Spring Security configuration of its own and rely on the default web security filter...

CVSS 9.1 | AI score 5.3 | EPSS 0.00489
Exploits: 0 | References: 1
Cvelist
added 2026/04/27 11:34 p.m. | 30 views

CVE-2026-40976

In certain circumstances, Spring Boot's default web security is ineffective, allowing unauthorized access to all endpoints. For an application to be vulnerable, it must: be a servlet-based web application; have no Spring Security configuration of its own and rely on the default web security filter...

CVSS 9.1 | EPSS 0.00489
Exploits: 0 | References: 1
Vulnrichment
added 2026/04/27 11:34 p.m. | 3 views

CVE-2026-40976

In certain circumstances, Spring Boot's default web security is ineffective, allowing unauthorized access to all endpoints. For an application to be vulnerable, it must: be a servlet-based web application; have no Spring Security configuration of its own and rely on the default web security filter...

CVSS 9.1 | AI score 5.3 | EPSS 0.00489
Exploits: 0 | References: 1
CVE
added 2026/04/27 11:34 p.m. | 218 views

CVE-2026-40976

CVE-2026-40976 affects Spring Boot 4.0.0–4.0.5. In vulnerable configurations, a servlet-based web application that relies on Spring Boot's default web security (no custom Spring Security config), depends on spring-boot-actuator-autoconfigure, and does not rely on spring-boot-health can experience...

CVSS 9.1 | AI score 5.3 | EPSS 0.00489
Exploits: 0 | References: 4 | Affected Software: 1
OSV
added 2026/04/27 6:33 p.m. | 14 views

JLSEC-2026-215 OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). This was intended to include...

OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). This was intended to include protection in the event of a fork() system call, in order to ensure that the parent and child processes did not share the same RNG state. However, this protection was not being used in the default case. A...

CVSS 5.3 | AI score 6.3 | EPSS 0.06232
Exploits: 0 | References: 25
OSV
added 2026/04/27 6:33 p.m. | 10 views

JLSEC-2026-271 Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key...

Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the 'DEFAULT' keyword.

Impact summary: A less preferred key exchange may be used even when a more preferred group is...

CVSS 7.5 | AI score 5.6 | EPSS 0.00435
Exploits: 0 | References: 6
OSV
added 2026/04/27 6:33 p.m. | 9 views

JLSEC-2026-236 Applications that use a non-default option when verifying certificates may be vulnerable to an...

Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks. Invalid certificate policies in leaf certificates are silently ignored by OpenSSL and other certificate policy checks are skipped for that...

CVSS 5.3 | AI score 6.3 | EPSS 0.01583
Exploits: 0 | References: 12
OSV
added 2026/04/27 6:33 p.m. | 9 views

JLSEC-2026-249 Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when...

Issue summary: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions.

Impact summary: An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service. This problem can occur in...

CVSS 5.9 | AI score 6.9 | EPSS 0.54026
Exploits: 0 | References: 12
GithubExploit
added 2026/04/27 6:18 p.m. | 118 views

Exploit for Improper Authentication in Adguard Adguardhome

CVE-2026-32136 exploit - AdGuard Home h2c Upgrade Auth Bypass...

CVSS 9.8 | AI score 7.9 | EPSS 0.00735
Exploits: 2
OSV
added 2026/04/27 3:30 p.m. | 9 views

GHSA-82FM-WPC2-5PMP Apache Storm Prometheus Reporter vulnerable to Improper Certificate Validation via Global SSL Context Downgrade

Improper Certificate Validation via Global SSL Context Downgrade in Apache Storm Prometheus Reporter.

Versions Affected: from 2.6.3 to 2.8.6

Description: In production deployments where an administrator enables storm.daemon.metrics.reporter.plugin.prometheus.skiptlsvalidation, by default it is...

CVSS 4.8 | AI score 5.8 | EPSS 0.00193
Exploits: 0 | References: 4
Snyk
added 2026/04/27 11:13 a.m. | 8 views

Authentication Bypass Using an Alternate Path or Channel

Overview: Affected versions of this package are vulnerable to Authentication Bypass Using an Alternate Path or Channel via the default authentication path to / when not explicitly configured in BasicAuthenticationConfigurer and JWTAuthenticationConfigurer. An attacker can access protected business...

CVSS 8.3 | AI score 5.8 | EPSS 0.00622
Exploits: 0 | References: 2
Oracle linux
added 2026/04/27 12:00 a.m. | 13 views

firefox security update

140.10.0-1.0.1
- Fix firefox-oracle-default-prefs.js for new nss (Orabug: 37079773)
- Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file

140.10.0-1
- Update to 140.10.0 ESR...

CVSS 9.8 | AI score 5.2 | EPSS 0.04938
Exploits: 1
Oracle linux
added 2026/04/27 12:00 a.m. | 10 views

firefox security update

140.10.0-1.0.1
- Fix firefox-oracle-default-prefs.js for new nss (Orabug: 37079789)

140.10.0
- Add debranding patches (Mustafa Gezen)
- Add OpenELA default preferences (Louis Abel)

140.10.0-1
- Update to 140.10.0 ESR...

CVSS 9.8 | AI score 5.2 | EPSS 0.04938
Exploits: 1
Snyk
added 2026/04/27 12:00 a.m. | 3 views

Insufficiently Protected Credentials

Overview: org.springframework.ai:spring-ai-autoconfigure-model-transformers is the Spring AI ONNX Transformers Auto Configuration. Affected versions of this package are vulnerable to Insufficiently Protected Credentials via the default cache directory used by TransformersEmbeddingModel. An attacker c...

CVSS 6.9 | AI score 5.5 | EPSS 0.00105
Exploits: 0 | References: 2
Snyk
added 2026/04/25 11:30 p.m. | 3 views

Interpretation Conflict

Overview: Affected versions of this package are vulnerable to Interpretation Conflict due to case-sensitive handling of the host matching process. An attacker can bypass access control policies by sending requests with hostnames that differ only in letter casing, potentially gaining unauthorized...

CVSS 9.1 | AI score 5.8 | EPSS 0.00301
Exploits: 0 | References: 3
Snyk
added 2026/04/25 11:30 p.m. | 8 views

Interpretation Conflict

Overview: Affected versions of this package are vulnerable to Interpretation Conflict due to case-sensitive handling of the host matching process. An attacker can bypass access control policies by sending requests with hostnames that differ only in letter casing, potentially gaining unauthorized...

CVSS 9.1 | AI score 5.8 | EPSS 0.00301
Exploits: 0 | References: 3
OSV
added 2026/04/25 11:30 p.m. | 5 views

GHSA-72H4-MXFC-JX37 Heimdall: Case-sensitive host matching may lead to policy bypass

Summary: Heimdall performs host matching in a case-sensitive manner, while HTTP hostnames are case-insensitive. This discrepancy can result in Heimdall failing to match a rule for a request host that differs only in letter casing, potentially causing the request to be classified differently than...

CVSS 7.8 | AI score 5.8 | EPSS 0.00301
Exploits: 0 | References: 6
Github Security Blog
added 2026/04/25 11:30 p.m. | 17 views

Heimdall: Case-sensitive host matching may lead to policy bypass

Summary: Heimdall performs host matching in a case-sensitive manner, while HTTP hostnames are case-insensitive. This discrepancy can result in Heimdall failing to match a rule for a request host that differs only in letter casing, potentially causing the request to be classified differently than...

CVSS 7.8 | AI score 5.4 | EPSS 0.00301
Exploits: 0 | References: 6 | Affected Software: 1