Lucene search
K

4 matches found

NVD
NVD
added 2026/03/16 2:18 p.m.3 views

CVE-2026-20996

Use of a broken or risky cryptographic algorithm in Smart Switch prior to version 3.7.69.15 allows remote attackers to configure a downgraded scheme for authentication...

7.1CVSS0.00168EPSS
Exploits0References1
OSV
OSV
added 2023/11/09 6:34 p.m.4 views

GHSA-CFC2-WR2V-GXM5 AsyncSSH Rogue Extension Negotiation

Summary An issue in AsyncSSH v2.14.0 and earlier allows attackers to control the extension info message RFC 8308 via a man-in-the-middle attack. Details The rogue extension negotiation attack targets an AsyncSSH client connecting to any SSH server sending an extension info message. The attack...

5.3CVSS6.1AI score0.00586EPSS
Exploits0References12
OSV
OSV
added 2022/05/17 2:54 a.m.5 views

GHSA-PXV5-5VMP-3JJ4 Improper Authentication in Apache Hadoop

The RPC protocol implementation in Apache Hadoop 2.x before 2.0.6-alpha, 0.23.x before 0.23.9, and 1.x before 1.2.1, when the Kerberos security features are enabled, allows man-in-the-middle attackers to disable bidirectional authentication and obtain sensitive information by forcing a downgrade ...

3.2CVSS5.9AI score0.01069EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2014/01/21 5:33 p.m.6 views

hadoop: man-in-the-middle vulnerability

The RPC protocol implementation in Apache Hadoop 2.x before 2.0.6-alpha, 0.23.x before 0.23.9, and 1.x before 1.2.1, when the Kerberos security features are enabled, allows man-in-the-middle attackers to disable bidirectional authentication and obtain sensitive information by forcing a downgrade ...

3.2CVSS5.8AI score0.01069EPSS
Exploits0References4
Rows per page
Query Builder