
26 matches found

CVE
added 2024/10/18 7:31 a.m. · 46 views

CVE-2023-6056

CVE-2023-6056 describes a vulnerability in Bitdefender Total Security’s HTTPS scanning that causes improper trust of self-signed certificates, specifically those signed with the RIPEMD-160 hash, without proper validation. This weakness can enable a man‑in‑the‑middle (MITM) SSL connection to arbit...

CVSS 8.6 · AI score 7.4 · EPSS 0.00163
Exploits 0 · References 1 · Affected Software 1

CVE
added 2024/10/18 7:17 a.m. · 44 views

CVE-2023-6055

CVE-2023-6055 describes a certificate validation flaw in Bitdefender Total Security’s HTTPS scanning. The vulnerability occurs when the site certificate lacks the Extended Key Usage spec for Server Authentication; the product may consider such certificates valid and proceed with TLS interception,...

CVSS 8.6 · AI score 7.3 · EPSS 0.00237
Exploits 0 · References 1 · Affected Software 1

Vulnrichment
added 2024/10/18 7:17 a.m. · 12 views

CVE-2023-6055 Improper Certificate Validation in Bitdefender Total Security HTTPS Scanning (VA-11158)

A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software fails to properly validate website certificates. Specifically, if a site certificate lacks the "Server Authentication" specification in the Extended Key Usage extension, the product...

CVSS 8.6 · AI score 6.6 · EPSS 0.00237
Exploits 0 · References 1

Cvelist
added 2024/10/18 7:17 a.m. · 13 views

CVE-2023-6055 Improper Certificate Validation in Bitdefender Total Security HTTPS Scanning (VA-11158)

A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software fails to properly validate website certificates. Specifically, if a site certificate lacks the "Server Authentication" specification in the Extended Key Usage extension, the product...

CVSS 8.6 · EPSS 0.00237
Exploits 0 · References 1

Positive Technologies
added 2024/10/18 12:0 a.m. · 2 views

PT-2024-13750 · Bitdefender · Bitdefender Total Security

Name of the Vulnerable Software and Affected Versions: Bitdefender Total Security versions prior to the latest version
Description: A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software trusts a certificate issued by an entity that isn't...

CVSS 8.6 · AI score 7 · EPSS 0.00222
Exploits 0 · References 17

0day.today
added 2013/04/04 12:0 a.m. · 43 views

Sophos Web Protection Appliance 3.7.8.1 XSS / Command Execution

Sophos Web Protection Appliance version 3.7.8.1 suffers from OS command injection, cross site scripting, and file disclosure vulnerabilities.
=======================================================================
title: Multiple vulnerabilities
product: Sophos Web Protection Appliance
vulnerable...

CVSS 9.3 · AI score 0.3 · EPSS 0.8235
Exploits 12