CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

371 matches found

Cvelist•added 2026/02/09 3:24 a.m.•25 views

CVE-2025-66600

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product lacks HSTS HTTP Strict Transport Security configuration. When an attacker performs a Man in the middle MITM attack, communications with the web server could be sniffed. The affected products and...

8.8CVSS0.00066EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 12:31 p.m.•5 views

CVE-2023-4342

Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP strict-transport-security policy...

9.8CVSS6.9AI score0.00106EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:29 a.m.•9 views

CVE-2023-50962

IBM PowerSC 1.3, 2.0, and 2.1 MFA does not implement the "HTTP Strict Transport Security" HSTS web security policy mechanism. IBM X-Force ID: 276004...

7.5CVSS6.5AI score0.00031EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:4 a.m.•5 views

CVE-2024-39746

IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the...

5.9CVSS6.2AI score0.00023EPSS

Exploits0References1

RedhatCVE•added 2025/11/21 3:43 p.m.•10 views

CVE-2025-36161

IBM Concert 1.0.0 through 2.0.0 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict-Transport-Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques...

5.9CVSS6.4AI score0.00016EPSS

Exploits0References1