10 matches found
CVE-2026-5545
A flaw was found in libcurl. An application using libcurl that performs an authenticated HTTPS request after a Negotiate-authenticated one to the same host may incorrectly reuse the previous connection. This authentication bypass vulnerability allows the second request to be sent over a connectio...
PT-2026-34810
Name of the Vulnerable Software and Affected Versions: SenseLive X3050 (affected versions not specified). Description: The embedded management service in the SenseLive config application lacks authentication and authorization. This allows any reachable host to establish full administrative control and...
DEBIAN-CVE-2026-1965
libcurl can in some circumstances reuse the wrong connection when asked to do a Negotiate-authenticated HTTP or HTTPS request. libcurl features a pool of recent connections so that subsequent requests can reuse an existing connection to avoid overhead. When reusing a connection a range of...
CVE-2026-1965
libcurl can in some circumstances reuse the wrong connection when asked to do a Negotiate-authenticated HTTP or HTTPS request. libcurl features a pool of recent connections so that subsequent requests can reuse an existing connection to avoid overhead. When reusing a connection a range of...
PT-2026-24661
Name of the Vulnerable Software and Affected Versions: libcurl (affected versions not specified). Description: libcurl may reuse an incorrect connection when handling Negotiate-authenticated HTTP or HTTPS requests. This occurs because libcurl maintains a pool of recent connections to avoid overhead. A...
CVE-2024-54855
fabricators Ltd Vanilla OS 2 Core image v1.1.0 was discovered to contain static keys for the SSH service, allowing attackers to possibly execute a man-in-the-middle attack during connections with other hosts...
GHSA-5667-3WCH-7Q7W Eclipse Vert.x memory leak
A vulnerability in the Eclipse Vert.x toolkit results in a memory leak due to using Netty FastThreadLocal data structures. Specifically, the memory leak is triggered when the Vert.x HTTP client establishes connections to different hosts. The leak can be accelerated with intimate runtime knowledge,...
CVE-2020-4980
CVE-2020-4980 affects IBM QRadar SIEM 7.3 (7.3.0–7.3.3 Patch 7) and 7.4 (7.4.0–7.4.3 GA). The issue arises from using less secure methods to protect data in transit between hosts when host-connection encryption is not enabled, and for data at rest. CVSS metrics show a base score of 6.5 (v3.1) wit...
source-to-image: Builder images with assembler-user LABEL set to root allow attackers to execute arbitrary code
A privilege escalation flaw was found in the source-to-image component of OpenShift Container Platform which allows the assemble script to run as the root user in a non-privileged container. An attacker can use this flaw to open network connections, and possibly other actions, on the host which a...
CVE-1999-0571
A router's configuration service or management interface such as a web server or telnet is configured to allow connections from arbitrary hosts...