Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

EUVD
EUVDadded 4 hours ago3 views

EUVD-2026-39575

TLS 1.3 post-handshake authentication PHA issue where a server could accept a client's Finished message without the client having sent a Certificate and CertificateVerify. The post-handshake-auth exemption that allows an empty/absent peer certificate was only intended for the initial handshake, b...

6CVSS5.8AI score
Exploits0References3
CVE
CVEadded yesterday7 views

CVE-2026-55962

CVE-2026-55962 (WolfSSL) : TLS 1.3 post-handshake authentication could allow a server to accept a client’s Finished message without a Certificate and CertificateVerify if a post-handshake CertificateRequest was outstanding. The fix scopes the check to the initial handshake: after certReqCtx is se...

6CVSS5.8AI score
Exploits0References2
Oracle linux
Oracle linuxadded 2019/11/14 12:0 a.m.82 views

python3 security and bug fix update

3.6.8-15.1.0.1 - Add Oracle Linux distribution in platform.py Orabug: 20812544 3.6.8-15.1 - Patch 329 FIPS modified: Added workaround for modssl: Skip error checking in Pyhashlibfipserror Resolves: rhbz1760106 3.6.8-15 - Patch 329 that adds support for OpenSSL FIPS mode has been improved and...

9.8CVSS8.5AI score0.20743EPSS
Exploits4
RedHat Linux
RedHat Linuxadded 2019/07/30 7:50 p.m.173 views

Moderate: Red Hat Security Advisory: nss and nspr security, bug fix, and enhancement update

An update for nss and nspr is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

7.5CVSS6.7AI score0.02794EPSS
Exploits1References17
RedHat Linux
RedHat Linuxadded 2019/05/07 4:19 a.m.5 views

httpd: mod_ssl: access control bypass when using per-location client certification authentication

A flaw was found in Apache HTTP Server 2.4 releases 2.4.37 and 2.4.38. A bug in modssl, when using per-location client certificate verification with TLSv1.3, allowed a client supporting Post-Handshake Authentication to bypass configured access control restrictions. An attacker could perform vario...

7.5CVSS7.1AI score0.10508EPSS
Exploits0References6
OpenVAS
OpenVASadded 2019/04/08 12:0 a.m.162 views

Apache HTTP Server < 2.4.39 mod_ssl Access Control Bypass Vulnerability - Linux

In Apache HTTP Server a bug in modssl when using per-location client certificate verification with TLSv1.3 allowed a client supporting Post-Handshake Authentication to bypass configured access control restrictions. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpte...

7.5CVSS7.6AI score0.10508EPSS
Exploits0References1
Apache Httpd
Apache Httpdadded 2019/01/23 12:0 a.m.79 views

Apache Httpd < 2.4.39 : mod_ssl access control bypass

In Apache HTTP Server 2.4 releases 2.4.37 and 2.4.38, a bug in modssl when using per-location client certificate verification with TLSv1.3 allowed a client supporting Post-Handshake Authentication to bypass configured access control restrictions...

7.5CVSS1.7AI score0.10508EPSS
Exploits0Affected Software1
Rows per page
Query Builder