Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-51007

Malicious code in bioql PyPI...

6.3CVSS5AI score0.00206EPSS
Exploits0References1
NVD
NVD
added 2023/02/16 4:15 p.m.20 views

CVE-2022-48307

It was discovered that the Magritte-ftp was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API. A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. A successful man-in-the-middle attack...

6.3CVSS6.2AI score0.00206EPSS
Exploits0References1
OSV
OSV
added 2023/02/16 4:15 p.m.4 views

CVE-2022-48307

It was discovered that the Magritte-ftp was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API. A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. A successful man-in-the-middle attack...

3.7CVSS5.8AI score0.00206EPSS
Exploits0References1
Prion
Prion
added 2023/02/16 4:15 p.m.37 views

Authentication flaw

It was discovered that the Magritte-ftp was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API. A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. A successful man-in-the-middle attack...

3.6CVSS4.2AI score0.00206EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/02/16 12:0 a.m.4 views

CVE-2022-48307

It was discovered that the Magritte-ftp was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API. A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. A successful man-in-the-middle attack...

6.3CVSS6.8AI score0.00206EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/02/16 12:0 a.m.25 views

CVE-2022-48307

It was discovered that the Magritte-ftp was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API. A malicious attacker in a privileged network position could abuse this to perform a man-in-the-middle attack. A successful man-in-the-middle attack...

6.3CVSS6.4AI score0.00206EPSS
Exploits0References1
CVE
CVE
added 2023/02/16 12:0 a.m.44 views

CVE-2022-48307

The CVE-2022-48307 entry concerns Magritte-ftp where hostnames were not verified in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API. This allowed a network-positioned attacker to perform a man-in-the-middle attack, intercepting and potentially reading or modifying traff...

6.3CVSS4.2AI score0.00206EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder