CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

Positive Technologies•added 2026/02/03 12:0 a.m.•9 views

PT-2026-5766

The DDNS function uses an insecure HTTP connection or fails to validate the SSL/TLS certificate when querying an external server for the device's WAN IP address. An unauthenticated remote attacker can perform a Man-in-the-Middle MitM attack to spoof the response, leading the device to update its...

6.3CVSS5.6AI score0.00156EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2017-6341

Malware in sbrugna...

9.8CVSS9.5AI score0.01005EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2010-4474

Malware in sbrugna...

6.2CVSS6.4AI score0.0077EPSS

Exploits0References5

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2015-5853

Malware in sbrugna...

2.6CVSS6.1AI score0.00778EPSS

Exploits0References5

Veracode•added 2025/05/19 9:20 a.m.•9 views

Denial Of Service (DoS)

Undici is vulnerable to Denial Of Service DoS. The vulnerability is due to a memory leak because of a repeated webhook calls to servers with invalid SSL certificates...

3.1CVSS6.5AI score0.00254EPSS

Exploits0References5Affected Software1

Prion•added 2019/06/03 7:29 p.m.•13 views

Design/Logic Flaw

An insecure communication was found between a user and the Orpak SiteOmat management console for all known versions, due to an invalid SSL certificate. The attack allows for an eavesdropper to capture the communication and decrypt the data...

5CVSS9.3AI score0.01005EPSS

Exploits0References3Affected Software1

NVD•added 2019/06/03 7:29 p.m.•13 views

CVE-2017-14852

9.8CVSS9.5AI score0.01005EPSS

Exploits0References3

Vulnrichment•added 2019/06/03 6:57 p.m.•4 views

CVE-2017-14852

7.3AI score0.01005EPSS

Exploits0References3

Mozilla•added 2015/04/03 12:0 a.m.•49 views

Certificate verification bypass through the HTTP/2 Alt-Svc header — Mozilla

Security researcher Muneaki Nishimura discovered a flaw in the Mozilla's HTTP Alternative Services implementation. If an Alt-Svc header is specified in the HTTP/2 response, SSL certificate verification can be bypassed for the specified alternate server. As a result of this, warnings of invalid SS...

4.3CVSS8.6AI score0.01174EPSS

Exploits0References3Affected Software2

CVE•added 2011/02/07 8:19 p.m.•42 views

CVE-2010-4506

CVE-2010-4506 concerns Passlogix v-GO Self-Service Password Reset (SSPR) and OEM prior to version 7.0A. The flaw enables physically proximate attackers to run arbitrary programs without authentication by abusing an invalid SSL certificate and using Internet Explorer to navigate the filesystem via...

6.2CVSS7.6AI score0.0077EPSS

Exploits0References4Affected Software1

securityvulns•added 2000/06/07 12:0 a.m.•104 views

ALERT: Bypassing Warnings For Invalid SSL Certificates In Internet Explorer

=====BEGIN-ACROS-REPORT===== ========================================================================= ACROS Security Problem Report 1999-12-15-1-PUB ------------------------------------------------------------------------- Bypassing Warnings For Invalid SSL Certificates In Internet Explorer...

0.1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by