Lucene search
K

459 matches found

Vulnrichment
Vulnrichment
added 2026/01/22 12:16 a.m.4 views

CVE-2025-27377 Missing Validation of Self-Signed Certificates in Altium Designer Allows Man-in-the-Middle Attacks

Altium Designer version 24.9.0 does not validate self-signed server certificates for cloud connections. An attacker capable of performing a man-in-the-middle MITM attack could exploit this issue to intercept or manipulate network traffic, potentially exposing authentication credentials or sensiti...

5.3CVSS5.5AI score0.00174EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/22 12:16 a.m.26 views

CVE-2025-27377 Missing Validation of Self-Signed Certificates in Altium Designer Allows Man-in-the-Middle Attacks

Altium Designer version 24.9.0 does not validate self-signed server certificates for cloud connections. An attacker capable of performing a man-in-the-middle MITM attack could exploit this issue to intercept or manipulate network traffic, potentially exposing authentication credentials or sensiti...

5.3CVSS0.00174EPSS
Exploits0References1
CVE
CVE
added 2026/01/22 12:16 a.m.15 views

CVE-2025-27377

CVE-2025-27377 concerns Altium Designer 24.9.0, where self-signed server certificates are not validated for cloud connections. The root cause is improper certificate validation, enabling a potential MITM attacker to intercept or manipulate network traffic and possibly expose authentication creden...

5.3CVSS5.5AI score0.00174EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.7 views

PT-2026-3884

Altium Designer version 24.9.0 does not validate self-signed server certificates for cloud connections. An attacker capable of performing a man-in-the-middle MITM attack could exploit this issue to intercept or manipulate network traffic, potentially exposing authentication credentials or sensiti...

5.3CVSS5.5AI score0.00174EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.8 views

Altium Designer security vulnerabilities

Altium Designer is an electronic design automation software developed by Altium Corporation in the United States. Version 24.9.0 of Altium Designer contains a security vulnerability. This vulnerability stems from unverified self-signed server certificates connected to the cloud, which may lead to...

5.3CVSS5.8AI score0.00174EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.2 views

MiracleLinux 3 : gnutls-1.4.1-3.1.1AXS3 (AXSA:2008-480:02)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2008-480:02 advisory. Description : GnuTLS is a project that aims to develop a library which provides a secure layer, over a reliable transport layer. Currently the GnuTLS library...

5.9CVSS6.2AI score0.01882EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.3 views

MiracleLinux 3 : gnutls-1.4.1-3.1.1AXS3 (AXSA:2008-493:03)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2008-493:03 advisory. Description : GnuTLS is a project that aims to develop a library which provides a secure layer, over a reliable transport layer. Currently the GnuTLS library...

5.9CVSS6.2AI score0.01882EPSS
Exploits1References2
GithubExploit
GithubExploit
added 2025/12/01 6:50 a.m.244 views

Exploit for CVE-2021-21980

CVE-2021-21980 Vulnerable Test Environment Overview Realis...

7.5CVSS7AI score0.04601EPSS
Exploits2
GithubExploit
GithubExploit
added 2025/11/27 5:16 a.m.293 views

Exploit for CVE-2021-21980

Clippy of the Dead - CVE-2021-21980 testing environment and Nucl...

7.5CVSS6.8AI score0.04601EPSS
Exploits2
The Hacker News
The Hacker News
added 2025/11/19 1:0 p.m.12 views

WrtHug Exploits Six ASUS WRT Flaws to Hijack Tens of Thousands of EoL Routers Worldwide

A newly discovered campaign has compromised tens of thousands of outdated or end-of-life EoL ASUS routers worldwide, predominantly in Taiwan, the U.S., and Russia, to rope them into a massive network. The router hijacking activity has been codenamed Operation WrtHug by SecurityScorecard's STRIKE...

9.2CVSS9.3AI score0.33641EPSS
Exploits2
NVD
NVD
added 2025/10/22 7:15 a.m.7 views

CVE-2025-41721

A high privileged remote attacker can influence the parameters passed to the openssl command due to improper neutralization of special elements when adding a password protected self-signed certificate...

2.7CVSS0.00183EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/22 6:55 a.m.12 views

CVE-2025-41721 Sauter: Command Injection

A high privileged remote attacker can influence the parameters passed to the openssl command due to improper neutralization of special elements when adding a password protected self-signed certificate...

2.7CVSS0.00183EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/22 6:55 a.m.4 views

EUVD-2025-35329

A high privileged remote attacker can influence the parameters passed to the openssl command due to improper neutralization of special elements when adding a password protected self-signed certificate...

2.7CVSS6.5AI score0.00183EPSS
Exploits0References2
CVE
CVE
added 2025/10/22 6:55 a.m.21 views

CVE-2025-41721

CVE-2025-41721 describes a command-injection-like issue where a high-privilege remote attacker can influence parameters passed to the openssl command when adding a password-protected self-signed certificate, caused by improper neutralization of special elements. The vulnerability is documented ac...

2.7CVSS6.7AI score0.00183EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/22 6:55 a.m.3 views

CVE-2025-41721 Sauter: Command Injection

A high privileged remote attacker can influence the parameters passed to the openssl command due to improper neutralization of special elements when adding a password protected self-signed certificate...

2.7CVSS6.7AI score0.00183EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/22 12:0 a.m.5 views

Sauter modu680-AS 命令注入漏洞

Sauter modu680-AS is a modular automation station cum web server from Sauter, Switzerland. A command injection vulnerability exists in Sauter modu680-AS that stems from improper neutralization of special elements when adding password-protected self-signed certificates, which could allow an elevat...

2.7CVSS7.5AI score0.00183EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-4476

Malware in sbrugna...

2.6CVSS6AI score0.00825EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-8661

Malware in sbrugna...

5CVSS6.2AI score0.00913EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2006-4555

Malware in sbrugna...

2.6CVSS8.9AI score0.0179EPSS
Exploits1References45
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2014-3463

Malware in sbrugna...

7.5CVSS7.6AI score0.01767EPSS
Exploits0References6
Rows per page
Query Builder