Lucene search
K

12 matches found

NVD
NVD
added 2 days ago4 views

CVE-2026-54291

pgjdbc is an open source postgresql JDBC Driver. In releases 42.7.4 through 42.7.11, channelBinding=require connections can be silently downgraded from SCRAM-SHA-256-PLUS with channel binding to plain SCRAM-SHA-256 without it, losing the man-in-the-middle protection the setting is meant to...

8.2CVSS0.00251EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.6 views

FreeBSD : PostgresSQL JDBC -- Silent channel-binding authentication downgrade via unsupported certificate algorithms (7701f760-745c-11f1-bc50-6cc21735f730)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 7701f760-745c-11f1-bc50-6cc21735f730 advisory. PostgreSQL project reports: channelBinding=require connections can be silently downgraded from...

8.2CVSS6AI score0.00251EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2026/03/17 12:0 a.m.5 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2026-1574)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS5.8AI score0.0039EPSS
Exploits1References2
OSV
OSV
added 2025/11/07 8:15 a.m.6 views

AZL-69766 CVE-2025-10966 affecting package cmake 3.21.4-21

curl's code for managing SSH connections when SFTP was done using the wolfSSH powered backend was flawed and missed host verification mechanisms. This prevents curl from detecting MITM attackers and more...

4.3CVSS6.3AI score0.0039EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-8591

Malware in sbrugna...

6.8CVSS6.6AI score0.00666EPSS
Exploits1References3
OSV
OSV
added 2025/05/23 2:0 p.m.3 views

OESA-2025-1553 erlang security update

Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson. Security Fixes: Erlang/OTP is a set of libraries for the Erlang...

3.7CVSS6.8AI score0.00442EPSS
Exploits0References2
OSV
OSV
added 2025/03/25 9:2 a.m.2 views

SUSE-SU-2025:20160-1 Security update for openssh

This update for openssh fixes the following issues: - CVE-2025-26465: Fixed MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client bsc1237040. - CVE-2025-26466: Fixed DoS attack against OpenSSH's client and server bsc1237041. Other bugfixes: - Fix ssh client segfault with...

6.8CVSS7.1AI score0.38474EPSS
Exploits5References17
OSV
OSV
added 2024/08/01 6:5 p.m.7 views

CLSA-2024-1722535503 systemd: Fix of CVE-2023-7008

CVE-2023-7008: prevent systemd-resolved from accepting DNS records of DNSSEC- signed domains without a signature to mitigate man-in-the-middle attacks...

5.9CVSS6.6AI score0.00849EPSS
Exploits0References1
Prion
Prion
added 2021/09/20 8:15 p.m.21 views

Stack overflow

TI’s BLE stack caches and reuses the LTK’s property for a bonded mobile. A LTK can be an unauthenticated-and-no-MITM-protection key created by Just Works or an authenticated-and-MITM-protection key created by Passkey Entry, Numeric Comparison or OOB. Assume that a victim mobile uses secure pairin...

4.3CVSS6.6AI score0.00666EPSS
Exploits1References2
Cvelist
Cvelist
added 2021/09/20 7:20 p.m.32 views

CVE-2020-16630

TI’s BLE stack caches and reuses the LTK’s property for a bonded mobile. A LTK can be an unauthenticated-and-no-MITM-protection key created by Just Works or an authenticated-and-MITM-protection key created by Passkey Entry, Numeric Comparison or OOB. Assume that a victim mobile uses secure pairin...

6.6AI score0.00666EPSS
Exploits1References2
n0where
n0where
added 2017/09/20 5:11 a.m.30 views

Ghost In The Net

Ultimate Network Stealther that makes Linux a Ghost In The Net and protects from MITM/DOS/scan Properties: Network Invisibility Network Anonymity Protects from MITM/DOS Transparent Cross-platform Minimalistic Dependencies: Linux 2.4.26+ – will work on any Linux-based OS, including Whonix and...

Exploits0References1
Hacker One
Hacker One
added 2014/06/29 11:26 a.m.36 views

jsDelivr: HSTS Policy not enabled on cdn.jsdelivr.net

This one provides MITM against SSL attacks protection. You should enable this just in case. Hope this helps...

1.4AI score
Exploits0
Rows per page
Query Builder