CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

148 matches found

FortiClient EMS - Authentication Bypass

Detects whether Fortinet hotfix FG-IR-26-099 for CVE-2026-35616 is missing by comparing behavioral responses from a certificate-authenticated endpoint. The template sends X-SSL-CLIENT-VERIFY: SUCCESS without certificate material and checks whether this spoofed header changes server behavior. id:...

9.8CVSS6.1AI score0.88505EPSS

Exploits8References2

EUVD•added 2026/06/09 6:30 p.m.•11 views

EUVD-2026-35484

Issue summary: An attacker-controlled CMP Certificate Management Protocol server could trigger a NULL pointer dereference in a CMP client application. Impact summary: A NULL pointer dereference causes a crash of the application and a Denial of Service. An attacker controlling a CMP server or acti...

5.9CVSS5.5AI score0.00349EPSS

Exploits0References7

RedhatCVE•added 2026/05/29 9:50 a.m.•16 views

CVE-2026-46579

A flaw was found in the OpenShift Router. When a Route has insecureEdgeTerminationPolicy set to Allow, the HTTP frontend does not remove X-SSL-Client- headers from incoming requests. This allows an unauthenticated attacker to send plain HTTP requests with crafted X-SSL-Client- headers. As a resul...

7.4CVSS5.7AI score0.00218EPSS

Exploits0References3

EUVD•added 2026/05/29 9:50 a.m.•10 views

EUVD-2026-33274

7.4CVSS5.7AI score0.00218EPSS

Exploits0References2

CVE•added 2026/05/29 9:50 a.m.•23 views

CVE-2026-46579

OpenShift Router flaw: when Route.insecureEdgeTerminationPolicy is Allow, the HTTP frontend does not strip X-SSL-Client-* headers, enabling an unauthenticated attacker to craft requests that bypass mutual TLS authentication by impersonating client certificate identities. Affected component: OpenS...

7.5CVSS5.7AI score0.00218EPSS

Exploits0References5Affected Software2

Positive Technologies•added 2026/05/29 12:0 a.m.•10 views

PT-2026-44799

Name of the Vulnerable Software and Affected Versions OpenShift Router affected versions not specified Description A flaw in the HTTP frontend occurs when a Route has the insecureEdgeTerminationPolicy set to Allow. In this configuration, the router fails to remove X-SSL-Client- headers from...

7.5CVSS5.5AI score0.00218EPSS

Exploits0References7

RedhatCVE•added 2026/01/09 11:29 a.m.•11 views

CVE-2021-27932

Stormshield Network Security SNS VPN SSL Client 2.1.0 through 2.8.0 has Insecure Permissions...

7.8CVSS7AI score0.00183EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:23 a.m.•8 views

CVE-2021-31814

In Stormshield 1.1.0, and 2.1.0 through 2.9.0, an attacker can block a client from accessing the VPN and can obtain sensitive information through the SN VPN SSL Client...

6.1CVSS6.5AI score0.00201EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:16 a.m.•3 views

CVE-2025-1910

The WatchGuard Mobile VPN with SSL Client on Windows allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY/SYSTEM on the Windows machine where the VPN Client is installed.This issue affects the Mobile VPN with SSL Client 12.0 up to and includi...

6.3CVSS7AI score0.00209EPSS

Exploits0References1

Vulnrichment•added 2025/12/04 9:56 p.m.•5 views

CVE-2025-1910 WatchGuard Mobile VPN with SSL Local Privilege Escalation via Update Package

6.3CVSS6.7AI score0.00209EPSS

Exploits0References1

RedhatCVE•added 2025/10/30 5:9 p.m.•3 views

CVE-2025-1549

A local privilege escalation vulnerability in the WatchGuard Mobile VPN with SSL client on Windows enables a local user to execute arbitrary commands with elevated privileges on the Windows system. This vulnerability is an additional unmitigated attack path for CVE-2024-4944. This vulnerability i...

7.8CVSS7.3AI score0.00312EPSS

Exploits0References1