Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

RedhatCVE
RedhatCVEadded 2020/03/28 1:54 p.m.43 views

CVE-2018-8039

It was discovered that when Apache CXF is configured to use the system property com.sun.net.ssl.internal.www.protocol ,it uses reflection to make the HostnameVerifier work with old com.sun.net.ssl.HostnameVerifier interface. Although the CXF implementation throws an exception, which is caught in...

8.1CVSS2.6AI score0.02899EPSS
Exploits0References2
Hacker One
Hacker Oneadded 2020/02/13 6:43 a.m.16 views

Razer: Insecure HostnameVerifier within WebView of Razer Pay Android (TLS Vulnerability)

The tester discovered the Razer Pay Android application was vulnerable to a client side hijack which could have allowed the capture of important user data. Razer Fintech thanks the tester for their clear PoC...

1.7AI score
Exploits0
Github Security Blog
Github Security Blogadded 2018/10/19 4:40 p.m.83 views

Apache CXF TLS hostname verification does not work correctly with com.sun.net.ssl.*

It is possible to configure Apache CXF to use the com.sun.net.ssl implementation via 'System.setProperty"java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol";'. When this system property is set, CXF uses some reflection to try to make the HostnameVerifier work with the old...

8.1CVSS7.8AI score0.02899EPSS
Exploits0References27Affected Software2
OSV
OSVadded 2018/07/02 1:29 p.m.20 views

CVE-2018-8039

It is possible to configure Apache CXF to use the com.sun.net.ssl implementation via 'System.setProperty"java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol";'. When this system property is set, CXF uses some reflection to try to make the HostnameVerifier work with the old...

8.1CVSS7.1AI score0.02899EPSS
Exploits0References24
myhack58
myhack58added 2016/09/14 12:0 a.m.13 views

Android security of Https man in the middle attacks vulnerability-vulnerability warning-the black bar safety net

0X01 overview ! HTTPS, is anetwork securitytransmission Protocol, usingSSL/TLSto the data packet to be encrypted,to providenetworkserverauthentication, the exchange of data protection of privacy andintegrity is. Man in the middle attacks, Man-in-the-middle attack, abbreviation: the MITM refers to...

0.3AI score
Exploits0
myhack58
myhack58added 2015/03/17 12:0 a.m.32 views

Android HTTPS MiTM hijacking vulnerability analysis-vulnerability warning-the black bar safety net

The 1. Android HTTPS MiTM hijacking vulnerability description In cryptography and computer security field, the man in the middle attacks Man-in-the-middle attack, often abbreviated as MITM refers to an attacker with the communications at both ends, respectively, to create the separate contact, an...

0.3AI score
Exploits0
securityvulns
securityvulnsadded 2014/08/11 12:0 a.m.86 views

CVE-2014-5075 MitM Vulnerability in the Smack XMPP Library for Java

CVE-2014-5075 MitM Vulnerability in the Smack XMPP Library for Java =================================================================== Smack http://www.igniterealtime.org/projects/smack/ is an Open Source XMPP Jabber client library for instant messaging and presence written in Java. Smack prior ...

6.8CVSS0.8AI score0.00897EPSS
Exploits0
Rows per page
Query Builder