Lucene search
K

4 matches found

OSV
OSV
added 2026/01/10 12:20 a.m.6 views

CVE-2026-22025 CryptoLib Memory Leak on HTTP Error Response in KMC Client

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to version 1.4.3, when the KMC server returns a non-200 HTTP...

6.3CVSS6.8AI score0.00497EPSS
Exploits1References5
OSV
OSV
added 2020/04/16 3:14 a.m.2 views

GHSA-PC5P-H8PF-MVWP Machine-In-The-Middle in https-proxy-agent

Versions of https-proxy-agent prior to 2.2.3 are vulnerable to Machine-In-The-Middle. The package fails to enforce TLS on the socket if the proxy server responds the to the request with a HTTP status different than 200. This allows an attacker with access to the proxy server to intercept...

6.1CVSS5.9AI score
Exploits0References4
OpenVAS
OpenVAS
added 2009/06/16 12:0 a.m.37 views

Mozilla Seamonkey Multiple Vulnerability Jun-09 (Linux)

The host is installed with Seamonkey, which is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbseamonkeymultvulnjun09lin.nasl 4869 2016-12-29 11:01:45Z teissa $ Mozilla Seamonkey Multiple Vulnerabilities Jun-09 Linux Authors: Antu Sanadi Copyright: Copyright c 2009 Greenbone...

9.3CVSS0.7AI score0.09282EPSS
Exploits7References8
Mozilla
Mozilla
added 2009/06/11 12:0 a.m.38 views

SSL tampering via non-200 responses to proxy CONNECT requests — Mozilla

Microsoft security researchers Shuo Chen, Ziqing Mao, Yi-Min Wang, and Ming Zhang reported that when a CONNECT request is sent to a proxy server and a non-200 response is returned, then the body of the response is incorrectly rendered within the context of the request Host: header. An active...

6.8CVSS0.5AI score0.02032EPSS
Exploits1References2Affected Software3
Rows per page
Query Builder