CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

24 matches found

Tenable Nessus•added 2023/11/06 12:0 a.m.•20 views

Rocky Linux 8 : grilo (RLSA-2021:4339)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:4339 advisory. - In GNOME grilo though 0.3.13, grl-net-wc.c does not enable TLS certificate verification on the SoupSessionAsync objects it creates, leaving users vulnerable to...

5.9CVSS6.3AI score0.00341EPSS

Exploits0References3

Amazon•added 2023/07/19 12:0 a.m.•28 views

Medium: libzapojit

Issue Overview: In GNOME libzapojit through 0.0.3, zpj-skydrive.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011. CVE-2021-39360 Affected Packages: libzapojit Note:...

7.5CVSS6.3AI score0.00841EPSS

Exploits0

Tenable Nessus•added 2023/01/06 12:0 a.m.•32 views

EulerOS Virtualization 3.0.2.6 : grilo (EulerOS-SA-2023-1087)

According to the versions of the grilo package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In GNOME grilo though 0.3.13, grl-net-wc.c does not enable TLS certificate verification on the SoupSessionAsync objects it creates,...

7.5CVSS6.3AI score0.00841EPSS

Exploits0References2

Tenable Nessus•added 2022/10/10 12:0 a.m.•43 views

EulerOS Virtualization 3.0.6.0 : grilo (EulerOS-SA-2022-2561)

7.5CVSS6.3AI score0.00841EPSS

Exploits0References2

Tenable Nessus•added 2022/09/15 12:0 a.m.•44 views

SUSE SLED12 / SLES12 Security Update : libzapojit (SUSE-SU-2022:3266-1)

The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:3266-1 advisory. - In GNOME libzapojit through 0.0.3, zpj-skydrive.c does not enable TLS certificate verification on the SoupSessionSync...

7.5CVSS6.3AI score0.00841EPSS

Exploits0References4

Tenable Nessus•added 2022/08/24 12:0 a.m.•33 views

SUSE SLED15 / SLES15 Security Update : gfbgraph (SUSE-SU-2022:2876-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:2876-1 advisory. - In GNOME libgfbgraph through 0.2.4, gfbgraph-photo.c does not enable TLS certificate verification on the...

7.5CVSS6.3AI score0.00841EPSS

Exploits0References4

Tenable Nessus•added 2022/04/25 12:0 a.m.•23 views

EulerOS 2.0 SP8 : grilo (EulerOS-SA-2022-1567)

According to the versions of the grilo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In GNOME grilo though 0.3.13, grl-net-wc.c does not enable TLS certificate verification on the SoupSessionAsync objects it creates, leaving users...

7.5CVSS6.4AI score0.00841EPSS

Exploits0References2

OpenVAS•added 2022/01/28 12:0 a.m.•21 views

Mageia: Security Advisory (MGASA-2021-0504)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6AI score0.00522EPSS

Exploits0References4

Mageia•added 2021/12/02 4:49 p.m.•44 views

Updated gfbgraph packages fix security vulnerability

In GNOME libgfbgraph through 0.2.4, gfbgraph-photo.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011...

5.9CVSS3.4AI score0.00219EPSS

Exploits0References2

Tenable Nessus•added 2021/11/17 12:0 a.m.•18 views

Oracle Linux 8 : grilo (ELSA-2021-4339)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-4339 advisory. 0.3.6-3 + grilo-0.3.6-3 - Fix TLS not being validated correctly - Resolves: rhbz1997234 Tenable has extracted the preceding description block directly from the...

5.9CVSS5.9AI score0.00341EPSS

Exploits0References2

OSV•added 2021/11/10 10:53 p.m.•4 views

MGASA-2021-0504 Updated libzapojit packages fix security vulnerability

In GNOME libzapojit through 0.0.3, zpj-skydrive.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. CVE-2021-39360...

5.9CVSS5.9AI score0.00522EPSS

Exploits0References3

Mageia•added 2021/10/13 7:39 p.m.•29 views

Updated grilo packages fix security vulnerability

Michael Catanzaro reported a problem in Grilo, a framework for discovering and browsing media. TLS certificate verification is not enabled on the SoupSessionAsync objects created by Grilo, leaving users vulnerable to network MITM attacks...

5.9CVSS3.4AI score0.00341EPSS

Exploits0References4

Tenable Nessus•added 2021/10/07 12:0 a.m.•28 views

SUSE SLES15 Security Update : grilo (SUSE-SU-2021:3295-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:3295-1 advisory. - In GNOME grilo though 0.3.13, grl-net-wc.c does not enable TLS certificate verification on the SoupSessionAsync objects it creates, leavin...

5.9CVSS6.3AI score0.00341EPSS

Exploits0References4

Tenable Nessus•added 2021/09/29 12:0 a.m.•28 views

openSUSE 15 Security Update : grilo (openSUSE-SU-2021:1312-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:1312-1 advisory. - In GNOME grilo though 0.3.13, grl-net-wc.c does not enable TLS certificate verification on the SoupSessionAsync objects it creates, leaving users...

7.5CVSS6.3AI score0.00841EPSS

Exploits0References4

Tenable Nessus•added 2021/09/22 12:0 a.m.•30 views

Debian DLA-2762-1 : grilo - LTS security update

The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-2762 advisory. - In GNOME grilo though 0.3.13, grl-net-wc.c does not enable TLS certificate verification on the SoupSessionAsync objects it creates, leaving users vulnerable to network MI...

7.5CVSS6.3AI score0.00841EPSS

Exploits0References5

Tenable Nessus•added 2021/08/31 12:0 a.m.•31 views

Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS : GNOME grilo vulnerability (USN-5055-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5055-1 advisory. Michael Catanzaro discovered that grilo incorrectly handled certain TLS certificate verification. An attacker could possibly use this issu...

5.9CVSS6AI score0.00341EPSS

Exploits0References2

Tenable Nessus•added 2021/08/28 12:0 a.m.•33 views

Debian DSA-4964-1 : grilo - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-4964 advisory. - In GNOME grilo though 0.3.13, grl-net-wc.c does not enable TLS certificate verification on the SoupSessionAsync objects it creates, leaving users vulnerable to network...

7.5CVSS6.3AI score0.00841EPSS

Exploits0References6

RedhatCVE•added 2021/08/24 2:41 p.m.•32 views

CVE-2021-39365

In GNOME grilo though 0.3.13, grl-net-wc.c does not enable TLS certificate verification on the SoupSessionAsync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011...

7.5CVSS3.5AI score0.00841EPSS

Exploits0References3