CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4 matches found

CVE•added 2026/01/23 12:0 a.m.•6 views

CVE-2025-67229

CVE-2025-67229 affects ToDesktop Builder v0.32.1. The vulnerability is an improper certificate validation that allows an unauthenticated, on-path attacker to spoof backend responses by exploiting insufficient certificate validation. CVSS 3.1 base score 9.8 (CRITICAL) with Network attack vector, n...

9.8CVSS5.5AI score0.00018EPSS

Exploits0References2Affected Software1

Veracode•added 2019/05/16 2:18 a.m.•24 views

Improper Access Control

Oracle Java SE is vulnerable to improper access control vulnerability. This is because the DNS client implementation in the JNDI component of OpenJDK does not use random source ports when sending out DNS queries. A remote attacker coud spoof responses to those queries resulting in unauthorized...

4.8CVSS5.6AI score0.0009EPSS

Exploits0References23Affected Software4

NVD•added 2015/12/31 5:59 a.m.•18 views

CVE-2015-7282

ReadyNet WRT300N-DD devices with firmware 1.0.26 use the same source port number for every DNS query, which makes it easier for remote attackers to spoof responses by selecting that number for the destination port...

5.8CVSS5.7AI score0.00668EPSS

Exploits0References2