Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

11 matches found

OSV
OSVadded 2026/05/07 2:6 a.m.2 views

GHSA-FF6C-W6QF-7XQC CSS Parser: Improper Certificate Validation allows MITM injection of remote CSS content

Summary The CSS Parser gem does not validate HTTPS connections, allowing a Man-in-the-Middle MITM attacker to inject or modify CSS content when stylesheets are loaded via HTTPS. The connection is established with OpenSSL::SSL::VERIFYNONE, meaning any HTTPS certificate—even entirely untrusted—will...

5.8CVSS5.8AI score0.00021EPSS
Exploits0References6
Tenable Nessus
Tenable Nessusadded 2026/01/16 12:0 a.m.2 views

MiracleLinux 7 : python-2.7.5-58.0.1.el7.AXS7 (AXSA:2017-2065:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-2065:01 advisory. tv4 - Tiny Validator for v4 JSON Schema JavaScript library packaged for setuptools easyinstall / pip. Use json-schema draft v4 to validate simple values and...

5.8CVSS6.9AI score0.02758EPSS
Exploits1References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2017-15209

Malware in sbrugna...

7.4CVSS7.5AI score0.00172EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2025-5281

Malicious code in bioql PyPI...

7.4CVSS7.3AI score0.00235EPSS
Exploits1References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2022-37771

Malicious code in bioql PyPI...

9.1CVSS9AI score0.00222EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2021-8690

Malicious code in bioql PyPI...

8.8CVSS7.5AI score0.00187EPSS
Exploits0References3
OSV
OSVadded 2025/08/13 3:15 p.m.1 views

CVE-2025-54809

F5 Access for Android before version 3.1.2 which uses HTTPS does not verify the remote endpoint identity. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.8CVSS5.8AI score0.0008EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 9:30 p.m.4 views

CVE-2021-21385

Mifos-Mobile Android Application for MifosX is an Android Application built on top of the MifosX Self-Service platform. Mifos-Mobile before commit e505f62 disables HTTPS hostname verification of its HTTP client. Additionally it accepted any self-signed certificate as valid. Hostname verification ...

8.8CVSS6.7AI score0.00187EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 7:46 p.m.6 views

CVE-2021-3285

jxbrowser in TI Code Composer Studio IDE 8.x through 10.x before 10.1.1 does not verify X.509 certificates for HTTPS...

5.3CVSS7.1AI score0.14058EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 5:1 p.m.3 views

CVE-2020-26234

Opencast before versions 8.9 and 7.9 disables HTTPS hostname verification of its HTTP client used for a large portion of Opencast's HTTP requests. Hostname verification is an important part when using HTTPS to ensure that the presented certificate is valid for the host. Disabling it can allow for...

4.8CVSS6.6AI score0.00079EPSS
Exploits0
SUSE CVE
SUSE CVEadded 2023/02/15 5:25 a.m.2 views

SUSE CVE-2014-9365

The HTTP clients in the 1 httplib, 2 urllib, 3 urllib2, and 4 xmlrpclib libraries in CPython aka Python 2.x before 2.7.9 and 3.x before 3.4.3, when accessing an HTTPS URL, do not a check the certificate against a trust store or verify that the server hostname matches a domain name in the subject'...

5.8CVSS9.1AI score0.02758EPSS
Exploits1References3
Rows per page
Query Builder