
7 matches found

RedHat Linux
added 2024/04/11 5:0 p.m. · 8 views

squid: Denial of Service in SSL Certificate validation

A flaw was found in Squid. Due to an improper validation of the specified index bug, Squid compiled using --with-openssl is vulnerable to a denial of service attack against SSL Certificate validation. This flaw allows a remote server to perform a denial of service against the Squid Proxy by...

CVSS 8.6 · AI score 5.8 · EPSS 0.04012
Exploits: 0 · References: 8
CNNVD
added 2023/12/21 12:0 a.m. · 2 views

Selected ESET Products Security Vulnerabilities

ESET Security Ultimate is a complete security solution from ESET Slovakia. A security vulnerability exists in some ESET products that stems from improper validation of the server certificate chain, where intermediate certificates signed using the MD5 or SHA1 algorithms are treated as trusted, and...

CVSS 8.6 · AI score 6.8 · EPSS 0.00376
Exploits: 0 · References: 3
Veracode
added 2023/11/02 7:16 a.m. · 28 views

Denial Of Service

Squid is vulnerable to Denial Of Service. The vulnerability is due to improper validation of a particular index, which allows an attacker to initiate a TLS handshake with a maliciously crafted SSL certificate in a server certificate chain, thus leading to denial of service...

CVSS 8.6 · AI score 6.8 · EPSS 0.04012
Exploits: 0 · References: 7 · Affected Software: 2
CNNVD
added 2023/08/14 12:0 a.m. · 3 views

Google Android Security Vulnerability

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that originates from a logic error in the code of the isServerCertChainValid module of InsecureEapNetworkHandler.java, which can be exploited by an attacke...

CVSS 9.8 · AI score 7.5 · EPSS 0.00439
Exploits: 0 · References: 3
Tenable Nessus
added 2022/07/01 12:0 a.m. · 68 views

Ubuntu 16.04 ESM : curl vulnerabilities (USN-5499-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5499-1 advisory. Florian Kohnhuser discovered that curl incorrectly handled returning a TLS server's certificate chain details. A remote attacker could possibly use this...

CVSS 7.5 · AI score 6.9 · EPSS 0.05595
Exploits: 2 · References: 3
Positive Technologies
added 2022/06/14 12:0 a.m. · 3 views

PT-2022-10399 · Qualcomm · Qualcomm Snapdragon

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon (affected versions not specified). Description: The issue is related to a possible memory leak due to improper validation of certificate chain length while parsing the server certificate chain. This affects various Qualcomm...

CVSS 7.8 · AI score 7.4 · EPSS 0.00407
Exploits: 0 · References: 3
OSV
added 2022/06/02 2:15 p.m. · 1 views

ALPINE-CVE-2022-27781

libcurl provides the CURLOPT_CERTINFO option to allow applications to request details to be returned about a server's certificate chain. Due to an erroneous function, a malicious server could make libcurl built with NSS get stuck in a never-ending busy-loop when trying to retrieve that information...

CVSS 7.5 · AI score 6.9 · EPSS 0.02434
Exploits: 1 · References: 1