Lucene search
K

6 matches found

ATTACKERKB
ATTACKERKB
added 2026/03/13 8:48 p.m.7 views

CVE-2026-32627

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.37.2, when a cpp-httplib client is configured with a proxy and setfollowlocationtrue, any HTTPS redirect it follows will have TLS certificate and hostname verification silently disabled on the new...

8.7CVSS5.6AI score0.00179EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/09/05 12:0 a.m.4 views

The vulnerability of the WebSocket client component of the Apache Tomcat application server arises from errors in checking host names when using the Transport Layer Security (TLS) protocol. This vulnerability allows attackers to circumvent existing security restrictions.

The vulnerability of the WebSocket client component of the Apache Tomcat application server is related to errors in checking host names when using the Transport Layer Security TLS protocol. Exploiting this vulnerability allows a malicious actor to circumvent existing security restrictions remotel...

7.8CVSS7.7AI score0.213EPSS
Exploits0References18Affected Software13
Tenable Nessus
Tenable Nessus
added 2016/04/05 12:0 a.m.47 views

Scientific Linux Security Update : mariadb on SL7.x x86_64 (20160404)

Security Fixes : - It was found that the MariaDB client library did not properly check host names against server identities noted in the X.509 certificates when establishing secure connections using TLS/SSL. A man-in-the-middle attacker could possibly use this flaw to impersonate a server to a...

7.2CVSS7.2AI score0.30146EPSS
Exploits6References25
RedHat Linux
RedHat Linux
added 2015/06/11 5:47 p.m.52 views

Important: Red Hat Security Advisory: wpa_supplicant security and enhancement update

An updated wpasupplicant package that fixes two security issues and adds one enhancement is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

5.8CVSS6.8AI score0.05228EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2015/02/11 5:38 p.m.5 views

CXF: SSL hostname verification bypass, incomplete CVE-2012-5783 fix

It was found that the fix for CVE-2012-5783 was incomplete: the code added to check that the server host name matches the domain name in a subject's Common Name CN field in X.509 certificates was flawed. A man-in-the-middle attacker could use this flaw to spoof an SSL server using a specially...

5.8CVSS7.2AI score0.09254EPSS
Exploits0References4
Debian
Debian
added 2013/11/17 6:32 p.m.33 views

[SECURITY] [DSA 2798-1] curl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2798-1 [email protected] http://www.debian.org/security/ Michael Gilbert November 17, 2013 http://www.debian.org/security/faq -...

4.3CVSS1AI score0.03076EPSS
Exploits0
Rows per page
Query Builder