Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7607 matches found

OSV
OSVadded 2025/08/13 3:15 p.m.2 views

CVE-2025-54809

F5 Access for Android before version 3.1.2 which uses HTTPS does not verify the remote endpoint identity. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.8CVSS5.8AI score0.0008EPSS
Exploits0References1
Circl
Circladded 2025/08/13 5:49 a.m.4 views

CVE-2025-4410

creationtimestamp| type| source ---|---|--- 2025-08-13 05:49:17+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lwb4vtqwsi2s...

7.5CVSS4.8AI score0.0002EPSS
Exploits0References1
Circl
Circladded 2025/08/12 3:54 p.m.8 views

CVE-2025-43735

creationtimestamp| type| source ---|---|--- 2025-08-12 15:54:00+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lw7oab67qq2z...

6.9CVSS4.8AI score0.0007EPSS
Exploits0References1
Circl
Circladded 2025/08/12 8:29 a.m.9 views

CVE-2025-8081

creationtimestamp| type| source ---|---|--- 2025-08-12 08:29:09+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lw6versg6n2p 2025-10-17 12:59:03+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/55853 2025-10-17 21:00:04+00:00| published-proof-of-concept|...

4.9CVSS4.8AI score0.00147EPSS
Exploits1References2
Circl
Circladded 2025/08/12 4:15 a.m.3 views

CVE-2025-8568

creationtimestamp| type| source ---|---|--- 2025-08-12 04:15:35+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lw6h7fdfz32z...

6.4CVSS7.3AI score0.00057EPSS
Exploits0References1
Circl
Circladded 2025/08/11 9:58 p.m.4 views

CVE-2025-53188

creationtimestamp| type| source ---|---|--- 2025-08-11 21:58:46+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lw5s5lbhcs2p...

4.8AI score
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2025/08/11 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2022-31043

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Guzzle is an open source PHP HTTP client. In affected versions Authorization headers on requests are sensitive information. On making a request using the https...

7.5CVSS7.1AI score0.01454EPSS
Exploits0References2
Circl
Circladded 2025/08/10 6:6 p.m.6 views

CVE-2025-8810

creationtimestamp| type| source ---|---|--- 2025-08-10 18:06:59+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lw2uq6tiuf2z 2025-08-11 15:39:41+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115010881354876002...

9CVSS7.3AI score0.00677EPSS
Exploits1References2
RedhatCVE
RedhatCVEadded 2025/08/08 12:29 a.m.4 views

CVE-2025-46659

An issue was discovered in ExonautWeb in 4C Strategies Exonaut 21.6. Information disclosure can occur via an external HTTPS request...

7.5CVSS6.4AI score0.00307EPSS
Exploits0References1
SUSE CVE
SUSE CVEadded 2025/08/07 11:22 p.m.1 views

SUSE CVE-2025-54799

Let's Encrypt client and ACME library written in Go Lego. In versions 4.25.1 and below, the github.com/go-acme/lego/v4/acme/api package thus the lego library and the lego cli as well don't enforce HTTPS when talking to CAs as an ACME client. Unlike the http-01 challenge which solves an ACME...

6CVSS7AI score0.0018EPSS
Exploits0References4
AlpineLinux
AlpineLinuxadded 2025/08/07 1:15 a.m.9 views

CVE-2025-54799

Let's Encrypt client and ACME library written in Go Lego. In versions 4.25.1 and below, the github.com/go-acme/lego/v4/acme/api package thus the lego library and the lego cli as well don't enforce HTTPS when talking to CAs as an ACME client. Unlike the http-01 challenge which solves an ACME...

6CVSS7.1AI score0.0018EPSS
Exploits0References2
OSV
OSVadded 2025/08/07 1:15 a.m.1 views

DEBIAN-CVE-2025-54799

Let's Encrypt client and ACME library written in Go Lego. In versions 4.25.1 and below, the github.com/go-acme/lego/v4/acme/api package thus the lego library and the lego cli as well don't enforce HTTPS when talking to CAs as an ACME client. Unlike the http-01 challenge which solves an ACME...

6CVSS5.3AI score0.0018EPSS
Exploits0References1
NVD
NVDadded 2025/08/07 1:15 a.m.9 views

CVE-2025-54799

Let's Encrypt client and ACME library written in Go Lego. In versions 4.25.1 and below, the github.com/go-acme/lego/v4/acme/api package thus the lego library and the lego cli as well don't enforce HTTPS when talking to CAs as an ACME client. Unlike the http-01 challenge which solves an ACME...

6CVSS0.0018EPSS
Exploits0References2
OSV
OSVadded 2025/08/07 1:15 a.m.0 views

UBUNTU-CVE-2025-54799

Let's Encrypt client and ACME library written in Go Lego. In versions 4.25.1 and below, the github.com/go-acme/lego/v4/acme/api package thus the lego library and the lego cli as well don't enforce HTTPS when talking to CAs as an ACME client. Unlike the http-01 challenge which solves an ACME...

6CVSS5.8AI score0.0018EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2025/08/07 12:4 a.m.4 views

CVE-2025-54799 Lego does not enforce HTTPS

Let's Encrypt client and ACME library written in Go Lego. In versions 4.25.1 and below, the github.com/go-acme/lego/v4/acme/api package thus the lego library and the lego cli as well don't enforce HTTPS when talking to CAs as an ACME client. Unlike the http-01 challenge which solves an ACME...

6CVSS6.2AI score0.0018EPSS
Exploits0References2
OSV
OSVadded 2025/08/07 12:4 a.m.5 views

CVE-2025-54799 Lego does not enforce HTTPS

Let's Encrypt client and ACME library written in Go Lego. In versions 4.25.1 and below, the github.com/go-acme/lego/v4/acme/api package thus the lego library and the lego cli as well don't enforce HTTPS when talking to CAs as an ACME client. Unlike the http-01 challenge which solves an ACME...

6CVSS6.5AI score0.0018EPSS
Exploits0References4
CVE
CVEadded 2025/08/07 12:4 a.m.81 views

CVE-2025-54799

CVE-2025-54799 affects the Lets Encrypt Go-based client and the lego v4/acme/api package. In 4.25.1 and earlier, the library does not enforce HTTPS when the ACME client communicates with CAs, applying to both the initial discover URL and the URLs returned in directory/order objects. If an HTTP UR...

6CVSS6.2AI score0.0018EPSS
Exploits0References2
Snyk
Snykadded 2025/08/07 12:4 a.m.1 views

Cleartext Transmission of Sensitive Information

Overview Affected versions of this package are vulnerable to Cleartext Transmission of Sensitive Information due to the lack of HTTPS enforcement for the ACME client. An attacker can intercept sensitive information by capturing unencrypted network traffic if the library user accidentally inputs a...

6CVSS6.7AI score0.0018EPSS
Exploits0References2
Cvelist
Cvelistadded 2025/08/07 12:4 a.m.9 views

CVE-2025-54799 Lego does not enforce HTTPS

Let's Encrypt client and ACME library written in Go Lego. In versions 4.25.1 and below, the github.com/go-acme/lego/v4/acme/api package thus the lego library and the lego cli as well don't enforce HTTPS when talking to CAs as an ACME client. Unlike the http-01 challenge which solves an ACME...

6CVSS0.0018EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2025/08/07 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-6434

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The exception page for the HTTPS-Only feature, displayed when a website is opened via HTTP, lacked an anti-clickjacking delay, potentially allowing an attacker ...

4.3CVSS5.8AI score0.00171EPSS
Exploits0References2
Rows per page
Query Builder