Lucene search
+L

34 matches found

Microsoft CVE
Microsoft CVE
added 2020/10/25 12:0 a.m.4 views

Busybox contains a Missing SSL certificate validation vulnerability in The "busybox wget" applet that can result in arbitrary code execution. This attack appear to be exploitable via Simply download any file over HTTPS using "busybox wget https://compromised-domain.com/important-file".

...

8.1CVSS8.8AI score0.02462EPSS
Exploits0
PyPA
PyPA
added 2020/08/27 10:15 p.m.9 views

PYSEC-2020-252

The Scalyr Agent before 2.1.10 has Missing SSL Certificate Validation because, in some circumstances, native Python code is used that lacks a comparison of the hostname to commonName and subjectAltName...

9.8CVSS7.1AI score0.00759EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2020/06/22 6:15 p.m.5 views

CVE-2020-14980

The Sophos Secure Email application through 3.9.4 for Android has Missing SSL Certificate Validation...

5.9CVSS6.2AI score0.01148EPSS
Exploits0References2
OSV
OSV
added 2020/06/22 6:15 p.m.4 views

CVE-2020-14981

The ThreatTrack VIPRE Password Vault app through 1.100.1090 for iOS has Missing SSL Certificate Validation...

5.9CVSS6.2AI score0.00816EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/06/18 12:0 a.m.26 views

Palo Alto GlobalProtect Agent 5.0.x < 5.0.10 / 5.1.x < 5.1.4 Missing Certificate Validation

The version of Palo Alto GlobalProtect Agent installed on the remote host is 5.0.x prior to 5.0.10, or 5.1.x prior to 5.1.4. It is, therefore, affected by a missing certificate validation vulnerability. When the pre-logon feature is enabled, a missing certification validation in Palo Alto Network...

5.3CVSS5.8AI score0.00761EPSS
Exploits0References2
Palo Alto Networks
Palo Alto Networks
added 2020/06/10 4:0 p.m.55 views

GlobalProtect App: Missing certificate validation vulnerability can disclose pre-logon authentication cookie

When the pre-logon feature is enabled, a missing certification validation in Palo Alto Networks GlobalProtect app can disclose the pre-logon authentication cookie to a man-in-the-middle attacker on the same local area network segment with the ability to manipulate ARP or to conduct ARP spoofing...

5.3CVSS3.1AI score0.00761EPSS
Exploits0References1
OSV
OSV
added 2020/03/16 9:15 p.m.5 views

CVE-2020-6175

Citrix SD-WAN 10.2.x before 10.2.6 and 11.0.x before 11.0.3 has Missing SSL Certificate Validation...

5.9CVSS6.2AI score0.0059EPSS
Exploits0References2
NVD
NVD
added 2019/10/30 10:15 p.m.15 views

CVE-2019-18633

European Commission eIDAS-Node Integration Package before 2.3.1 has Missing Certificate Validation because a certain ExplicitKeyTrustEvaluator return value is not checked. NOTE: only 2.1 is confirmed to be affected...

9.8CVSS9.4AI score0.00765EPSS
Exploits1References1
CVE
CVE
added 2019/10/30 9:16 p.m.54 views

CVE-2019-18633

CVE-2019-18633 concerns the European Commission eIDAS-Node Integration Package. Connected sources confirm a vulnerability in Missing Certificate Validation where a certain ExplicitKeyTrustEvaluator return value is not checked. The issue is explicitly tied to the package versions “before 2.3.1,” a...

9.8CVSS9.3AI score0.00765EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/10/30 9:16 p.m.28 views

CVE-2019-18633

European Commission eIDAS-Node Integration Package before 2.3.1 has Missing Certificate Validation because a certain ExplicitKeyTrustEvaluator return value is not checked. NOTE: only 2.1 is confirmed to be affected...

9.4AI score0.00765EPSS
Exploits1References1
OSV
OSV
added 2019/10/28 4:15 p.m.4 views

CVE-2019-5538

Sensitive information disclosure vulnerability resulting from a lack of certificate validation during the File-Based Backup and Restore operations of VMware vCenter Server Appliance 6.7 before 6.7u3a and 6.5 before 6.5u3d may allow a malicious actor to intercept sensitive data in transit over SCP...

5.9CVSS5.8AI score0.00654EPSS
Exploits0References1
OSV
OSV
added 2019/06/20 3:15 p.m.4 views

CVE-2017-17944

The ASUS Vivobaby application before 1.1.09 for Android has Missing SSL Certificate Validation...

9.1CVSS5.8AI score0.0092EPSS
Exploits1References1
OSV
OSV
added 2018/06/26 4:29 p.m.4 views

ALPINE-CVE-2018-1000500

Busybox contains a Missing SSL certificate validation vulnerability in The "busybox wget" applet that can result in arbitrary code execution. This attack appear to be exploitable via Simply download any file over HTTPS using "busybox wget https://compromised-domain.com/important-file"...

8.1CVSS7.8AI score0.02462EPSS
Exploits0References1
OSV
OSV
added 2018/02/23 5:29 p.m.4 views

UBUNTU-CVE-2012-6709

ELinks 0.12 and Twibright Links 2.3 have Missing SSL Certificate Validation...

5.9CVSS6.2AI score0.00579EPSS
Exploits0References5
Rows per page
Query Builder