Lucene search
+L

745 matches found

NVD
NVD
added 2020/07/02 4:15 p.m.26 views

CVE-2019-20894

Traefik 2.x, in certain configurations, allows HTTPS sessions to proceed without mutual TLS verification in a situation where ERRBADSSLCLIENTAUTHCERT should have occurred...

7.5CVSS0.01557EPSS
Exploits1References1
OSV
OSV
added 2020/07/02 4:15 p.m.17 views

CVE-2019-20894

Traefik 2.x, in certain configurations, allows HTTPS sessions to proceed without mutual TLS verification in a situation where ERRBADSSLCLIENTAUTHCERT should have occurred...

7.5CVSS6.7AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2020/07/02 12:0 a.m.7 views

PT-2020-10858 · Containous · Traefik

Name of the Vulnerable Software and Affected Versions: Traefik versions 2.x Description: The issue allows HTTPS sessions to proceed without mutual TLS verification in certain configurations, where an error should have occurred due to a bad SSL client authentication certificate. This situation can...

7.5CVSS7.3AI score0.01557EPSS
Exploits1References11
NVD
NVD
added 2020/06/29 2:15 p.m.29 views

CVE-2019-18246

BIOTRONIK CardioMessenger II, The affected products do not properly enforce mutual authentication with the BIOTRONIK Remote Communication infrastructure...

4.3CVSS0.00464EPSS
Exploits0References1
OSV
OSV
added 2020/06/29 2:15 p.m.7 views

CVE-2019-18246

BIOTRONIK CardioMessenger II, The affected products do not properly enforce mutual authentication with the BIOTRONIK Remote Communication infrastructure...

4.3CVSS5.8AI score0.00464EPSS
Exploits0References1
Prion
Prion
added 2020/06/29 2:15 p.m.15 views

Authentication flaw

BIOTRONIK CardioMessenger II, The affected products do not properly enforce mutual authentication with the BIOTRONIK Remote Communication infrastructure...

3.3CVSS4.9AI score0.00464EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2020/06/29 1:58 p.m.24 views

CVE-2019-18246

BIOTRONIK CardioMessenger II, The affected products do not properly enforce mutual authentication with the BIOTRONIK Remote Communication infrastructure...

4.9AI score0.00464EPSS
Exploits0References1
CVE
CVE
added 2020/06/29 1:58 p.m.46 views

CVE-2019-18246

The connected sources confirm CVE-2019-18246 affects BIOTRONIK CardioMessenger II (home monitoring unit). The root issue is improper authentication with the BIOTRONIK Remote Communication infrastructure (CWE-287), enabling an attacker with adjacent access to interact with or intercept communicati...

4.3CVSS4.9AI score0.00464EPSS
Exploits0References1Affected Software1
Kitploit
Kitploit
added 2020/06/22 9:30 p.m.36 views

SAyHello - Capturing Audio (.Wav) From Target Using A Link

Capturing audio .wav from target using a link How it works? After the user grants microphone permissions, a website redirect button of your choice is released to distract the target while small audio files about 4 seconds in wav format are sent to the attacker. It uses Recorderjs, plugin for...

7.2AI score
Exploits0References2
Github Security Blog
Github Security Blog
added 2020/03/10 6:2 p.m.55 views

Improper Authentication in requests-kerberos

python-requests-Kerberos through 0.5 does not handle mutual authentication...

9.8CVSS9.1AI score0.03615EPSS
Exploits0References10Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/03/04 12:0 a.m.6 views

The vulnerability of the PRNG component of the FortiOS operating system allows a hacker to gain unauthorized access to protected information.

The vulnerability of the PRNG component in the FortiOS operating system relates to the use of a weak entropy source during key generation. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information, when FortiOS acts as a client...

7.8CVSS7.2AI score0.00996EPSS
Exploits0References3Affected Software1
The Hacker News
The Hacker News
added 2020/02/26 2:48 p.m.6 views

New LTE Network Flaw Could Let Attackers Impersonate 4G Mobile Users

A group of academics from Ruhr University Bochum and New York University Abu Dhabi have uncovered security flaws in 4G LTE and 5G networks that could potentially allow hackers to impersonate users on the network and even sign up for paid subscriptions on their behalf. The impersonation attack —...

5.9AI score
Exploits0
OSV
OSV
added 2019/12/15 10:15 p.m.6 views

CVE-2014-8650

python-requests-Kerberos through 0.5 does not handle mutual authentication...

9.8CVSS9.6AI score0.03615EPSS
Exploits0References9
OSV
OSV
added 2019/12/15 10:15 p.m.2 views

DEBIAN-CVE-2014-8650

python-requests-Kerberos through 0.5 does not handle mutual authentication...

9.8CVSS8.5AI score0.03615EPSS
Exploits0References1
Prion
Prion
added 2019/12/15 10:15 p.m.17 views

Authentication flaw

python-requests-Kerberos through 0.5 does not handle mutual authentication...

7.5CVSS7.1AI score0.03615EPSS
Exploits0References4Affected Software2
PyPA
PyPA
added 2019/12/15 10:15 p.m.5 views

PYSEC-2019-200

python-requests-Kerberos through 0.5 does not handle mutual authentication...

9.8CVSS7AI score0.03615EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2019/12/15 9:38 p.m.25 views

CVE-2014-8650

python-requests-Kerberos through 0.5 does not handle mutual authentication...

9.6AI score0.03615EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2019/12/15 9:38 p.m.49 views

CVE-2014-8650

python-requests-Kerberos through 0.5 does not handle mutual authentication...

9.8CVSS9.7AI score0.03615EPSS
Exploits0
Mageia
Mageia
added 2019/12/13 6:25 p.m.34 views

Updated proftpd packages fix security vulnerability

An issue was discovered in tlsverifycrl in ProFTPD through 1.3.6b. A dereference of a NULL pointer may occur. This pointer is returned by the OpenSSL skX509REVOKEDvalue function when encountering an empty CRL installed by a system administrator. The dereference occurs when validating the...

4.9CVSS2.7AI score0.01645EPSS
Exploits0References2
OSV
OSV
added 2019/11/30 11:15 p.m.0 views

DEBIAN-CVE-2019-19269

An issue was discovered in tlsverifycrl in ProFTPD through 1.3.6b. A dereference of a NULL pointer may occur. This pointer is returned by the OpenSSL skX509REVOKEDvalue function when encountering an empty CRL installed by a system administrator. The dereference occurs when validating the...

4.9CVSS6AI score0.01645EPSS
Exploits0References1
Rows per page
Query Builder