CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1319 matches found

Positive Technologies•added 2025/11/17 12:0 a.m.•3 views

PT-2025-47160

Name of the Vulnerable Software and Affected Versions GoSign Desktop versions through 2.4.1 Description GoSign Desktop versions through 2.4.1 disable TLS certificate validation when configured to use a proxy server. This occurs if a user selects a proxy server without verifying that outbound HTTP...

3.2CVSS6.8AI score0.00108EPSS

Exploits0References6

Cvelist•added 2025/11/17 12:0 a.m.•7 views

CVE-2025-65083

GoSign Desktop through 2.4.1 disables TLS certificate validation when configured to use a proxy server. This can be problematic if the GoSign Desktop user selects an arbitrary proxy server without consideration of whether outbound HTTPS connections from the proxy server to Internet servers succee...

3.2CVSS0.00108EPSS

Exploits0References2

OpenVAS•added 2025/11/12 12:0 a.m.•3 views

Huawei EulerOS: Security Advisory for mod_http2 (EulerOS-SA-2025-2366)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.01149EPSS

Exploits0References2

Tenable Nessus•added 2025/11/11 12:0 a.m.•5 views

Debian dla-4369 : squid - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4369 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4369-1 [email protected]...

10CVSS5.4AI score0.6332EPSS

Exploits2References6

Vulnrichment•added 2025/10/10 7:22 p.m.•2 views

CVE-2025-61919 Rack is vulnerable to a memory-exhaustion DoS through unbounded URL-encoded body parsing

Rack is a modular Ruby web server interface. Prior to versions 2.2.20, 3.1.18, and 3.2.3, Rack::RequestPOST reads the entire request body into memory for Content-Type: application/x-www-form-urlencoded, calling rack.input.readnil without enforcing a length or cap. Large request bodies can therefo...

7.5CVSS6.4AI score0.00591EPSS

Exploits0References4

OSV•added 2025/10/10 7:22 p.m.•3 views

CVE-2025-61919 Rack is vulnerable to a memory-exhaustion DoS through unbounded URL-encoded body parsing

7.5CVSS6.5AI score0.00591EPSS

Exploits0References6

Positive Technologies•added 2025/10/10 12:0 a.m.•4 views

PT-2025-41595

Name of the Vulnerable Software and Affected Versions Rack versions prior to 2.2.20 Rack versions prior to 3.1.18 Rack versions prior to 3.2.3 Description Rack is a modular Ruby web server interface. In versions prior to 2.2.20, 3.1.18, and 3.2.3, the Rack::RequestPOST method reads the entire...

7.8CVSS6.8AI score0.00868EPSS

Exploits0References77