CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

23 matches found

OSV•added 2026/04/17 9:16 p.m.•1 views

DEBIAN-CVE-2026-33689

xrdp is an open source RDP server. Versions through 0.10.5 have an out-of-bounds read vulnerability in the pre-authentication RDP message parsing logic. A remote, unauthenticated attacker can trigger this flaw by sending a specially crafted sequence of packets during the initial connection phase...

9.1CVSS5.7AI score0.00182EPSS

Exploits0References1

Tenable Nessus•added 2025/11/13 12:0 a.m.•5 views

Siemens SIMATIC S7-1500 Observable Discrepancy (CVE-2020-14145)

The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts where no host key for the server has been cached by the client. NOTE: some reports...

5.9CVSS6.7AI score0.01254EPSS

Exploits2References4

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2002-0428

Malware in sbrugna...

5CVSS6.4AI score0.06281EPSS

Exploits1References5

Positive Technologies•added 2025/02/25 12:0 a.m.•1 views

PT-2025-7889 · O Ran · O-Ran Near Realtime Ric

Name of the Vulnerable Software and Affected Versions: O-RAN Near Realtime RIC I-Release affected versions not specified Description: An issue was discovered that allows an attacker to disrupt the initial connection between a gNB and the Near RT-RIC. This can be achieved by sending a high volume ...

4.3CVSS6.8AI score0.00075EPSS

Exploits0References4

Broadcom•added 2023/08/01 12:0 a.m.•44 views

The client side in OpenSSH 5.7 through 8.3 has an Observable Discrepancy leading to an information leak in the algorithm negotiation

5.9CVSS7.2AI score0.01254EPSS

Exploits2

SUSE CVE•added 2023/02/15 4:20 a.m.•1 views

SUSE CVE-2018-1000155

OpenFlow version 1.0 onwards contains a Denial of Service and Improper authorization vulnerability in OpenFlow handshake: The DPID DataPath IDentifier in the featuresreply message are inherently trusted by the controller. that can result in Denial of Service, Unauthorized Access, Network...

9.8CVSS6.8AI score0.00475EPSS

Exploits0References3

SUSE CVE•added 2023/02/15 3:58 a.m.•1 views

SUSE CVE-2020-14145

5.9CVSS6.6AI score0.01254EPSS

Exploits2References24

OSV•added 2022/03/19 11:3 a.m.•1 views

OESA-2022-1575 postgresql security update

PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, subselects and user-defined types and functions. The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DB...

8.1CVSS7.8AI score0.00281EPSS

Exploits0References3

OSV•added 2022/03/04 4:15 p.m.•1 views

DEBIAN-CVE-2021-23214

When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption...

8.1CVSS7.3AI score0.00193EPSS

Exploits0References1

OSV•added 2022/03/04 4:15 p.m.•0 views

AZL-8973 CVE-2021-23214 affecting package postgresql for versions less than 14.2-1

8.1CVSS7AI score0.00193EPSS

Exploits0References1

OSV•added 2021/11/22 4:15 p.m.•0 views

UBUNTU-CVE-2021-3935

When PgBouncer is configured to use "cert" authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of TLS certificate verification and encryption. This flaw affects PgBouncer versions prior to 1.16.1...

8.1CVSS7.4AI score0.00077EPSS

Exploits0References7

RedHat Linux•added 2021/11/09 5:59 p.m.•1 views

openssh: Observable discrepancy leading to an information leak in the algorithm negotiation

A flaw was found in OpenSSH in versions 5.7 through 8.3, where an Observable Discrepancy occurs and leads to an information leak in the algorithm negotiation. This flaw allows a man-in-the-middle attacker to target initial connection attempts, where there is no host key for the server that has be...

5.9CVSS7.1AI score0.01254EPSS

Exploits2References4

Mageia•added 2021/03/12 1:25 a.m.•61 views

Updated openssh packages fix a security vulnerability

The client side in OpenSSH 5.7 through 8.3 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts where no host key for the server has been cached by the client CVE-2020-14145...

5.9CVSS4.1AI score0.01254EPSS

Exploits2References2

Microsoft CVE•added 2020/09/25 12:0 a.m.•1 views

The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.

...

5.9CVSS7AI score0.01254EPSS

Exploits2

NVD•added 2020/06/29 6:15 p.m.•30 views

CVE-2020-14145

5.9CVSS0.01254EPSS

Exploits2References8

NVD•added 2020/06/29 6:15 p.m.•14 views

CVE-2020-14002

PuTTY 0.68 through 0.73 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts where no host key for the server has been cached by the client...

5.9CVSS0.00746EPSS

Exploits0References7

OSV•added 2020/06/29 6:15 p.m.•15 views

CVE-2020-14002

5.9CVSS6.3AI score

Exploits0References7

OSV•added 2020/06/29 6:15 p.m.•28 views

CVE-2020-14145

5.9CVSS6.3AI score0.01254EPSS

Exploits2References8