CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

Github Security Blog•added 2021/04/13 3:42 p.m.•31 views

Improper Certificate Validation in TweetStream

TweetStream 2.6.1 uses the library eventmachine in an insecure way that does not have TLS hostname validation. This allows an attacker to perform a man-in-the-middle attack...

5.9CVSS5.7AI score0.00185EPSS

Exploits1References3Affected Software1

RubySec•added 2021/04/13 12:0 a.m.•12 views

Improper Certificate Validation in TweetStream

TweetStream 2.6.1 uses the library eventmachine in an insecure way that does not have TLS hostname validation. This allows an attacker to perform a man-in-the-middle attack...

5.9CVSS2.9AI score0.00185EPSS

Exploits1References1

Prion•added 2021/02/19 11:15 p.m.•11 views

Input validation

TweetStream 2.6.1 uses the library eventmachine in an insecure way that does not have TLS hostname validation. This allows an attacker to perform a man-in-the-middle attack...

4.3CVSS5.5AI score0.00185EPSS

Exploits1References2Affected Software1

Cvelist•added 2021/02/19 10:44 p.m.•11 views

CVE-2020-24393

TweetStream 2.6.1 uses the library eventmachine in an insecure way that does not have TLS hostname validation. This allows an attacker to perform a man-in-the-middle attack...

5.5AI score0.00185EPSS

Exploits1References2

Cvelist•added 2020/05/25 9:49 p.m.•19 views

CVE-2020-13482

EM-HTTP-Request 1.1.5 uses the library eventmachine in an insecure way that allows an attacker to perform a man-in-the-middle attack against users of the library. The hostname in a TLS server certificate is not verified...

7.1AI score0.00139EPSS

Exploits1References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by