Lucene search
+L

25 matches found

vulnrichment
vulnrichment
added 2026/06/09 4:3 p.m.17 views

CVE-2026-45446 Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes

Issue summary: The implementations of AES-SIV RFC 5297 and AES-GCM-SIV RFC 8452 mishandle the authentication of AAD Additional Authenticated Data with an empty ciphertext allowing a forgery of such messages. Impact summary: An attacker can forge empty messages with arbitrary AAD to the victim's...

5.7AI score0.0021EPSS
Exploits0References6
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-12588

Malware in sbrugna...

4.8CVSS5.3AI score0.04428EPSS
Exploits5References4
euvd
euvd
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-12587

Malware in sbrugna...

4.8CVSS5.3AI score0.04428EPSS
Exploits6References4
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-3438

Malware in sbrugna...

6.1CVSS6.1AI score0.02343EPSS
Exploits5References4
redhat
redhat
added 2021/08/11 6:21 p.m.3 views

wildfly: The 'enabled-protocols' value in legacy security is not respected if OpenSSL security provider is in use

A flaw was found when an OpenSSL security provider is used with Wildfly, the 'enabled-protocols' value in the Wildfly configuration isn't honored. An attacker could target the traffic sent from Wildfly and downgrade the connection to a weaker version of TLS, potentially breaking the encryption...

9.1CVSS5.8AI score0.01068EPSS
Exploits0References4
redhat
redhat
added 2020/06/11 9:3 a.m.4 views

wildfly: The 'enabled-protocols' value in legacy security is not respected if OpenSSL security provider is in use

A flaw was found when an OpenSSL security provider is used with Wildfly, the 'enabled-protocols' value in the Wildfly configuration isn't honored. An attacker could target the traffic sent from Wildfly and downgrade the connection to a weaker version of TLS, potentially breaking the encryption...

9.1CVSS5.8AI score0.01068EPSS
Exploits0References4
redhat
redhat
added 2020/06/10 7:23 p.m.3 views

wildfly: The 'enabled-protocols' value in legacy security is not respected if OpenSSL security provider is in use

A flaw was found when an OpenSSL security provider is used with Wildfly, the 'enabled-protocols' value in the Wildfly configuration isn't honored. An attacker could target the traffic sent from Wildfly and downgrade the connection to a weaker version of TLS, potentially breaking the encryption...

9.1CVSS5.8AI score0.01068EPSS
Exploits0References4
redhat
redhat
added 2020/03/23 8:13 p.m.7 views

wildfly: The 'enabled-protocols' value in legacy security is not respected if OpenSSL security provider is in use

A flaw was found when an OpenSSL security provider is used with Wildfly, the 'enabled-protocols' value in the Wildfly configuration isn't honored. An attacker could target the traffic sent from Wildfly and downgrade the connection to a weaker version of TLS, potentially breaking the encryption...

9.1CVSS5.8AI score0.01068EPSS
Exploits0References4
redhat
redhat
added 2020/03/12 5:0 p.m.3 views

wildfly: The 'enabled-protocols' value in legacy security is not respected if OpenSSL security provider is in use

A flaw was found when an OpenSSL security provider is used with Wildfly, the 'enabled-protocols' value in the Wildfly configuration isn't honored. An attacker could target the traffic sent from Wildfly and downgrade the connection to a weaker version of TLS, potentially breaking the encryption...

9.1CVSS5.8AI score0.01068EPSS
Exploits0References4
packetstorm
packetstorm
added 2019/02/26 12:0 a.m.53 views

DomainMOD 4.11.01 ssl-provider-name Cross Site Scripting

Exploit Title : DomainMOD 4.11.01 and before - 'ssl-provider-name' Cross-Site Scripting Author Discovered By : Mohammed Abdul Raheem Company Name : TrekShield IT Solutions Date : 14-02-2019 Vendor Homepage : https://domainmod.org/ Software Information Link : https://github.com/DomainMod/DomainMod...

3.5CVSS5.5AI score0.04428EPSS
Exploits6
exploitpack
exploitpack
added 2019/02/14 12:0 a.m.53 views

DomainMOD 4.11.01 - ssl-provider-name Cross-Site Scripting

DomainMOD 4.11.01 - ssl-provider-name Cross-Site Scripting Exploit Title: DomainMOD 4.11.01 - Cross-Site Scripting Date: 2018-11-22 Exploit Author: Mohammed Abdul Raheem Vendor Homepage: domainmod https://domainmod.org/ Software Link: domainmod https://github.com/DomainMod/DomainMod Version:...

3.5CVSS5.3AI score0.04428EPSS
Exploits6
exploitdb
exploitdb
added 2019/02/14 12:0 a.m.53 views

DomainMOD 4.11.01 - 'ssl-provider-name' Cross-Site Scripting

Exploit Title: DomainMOD 4.11.01 - Cross-Site Scripting Date: 2018-11-22 Exploit Author: Mohammed Abdul Raheem Vendor Homepage: domainmod https://domainmod.org/ Software Link: domainmod https://github.com/DomainMod/DomainMod Version: v4.09.03 to v4.11.01 CVE : CVE-2018-20009 A Stored Cross-site...

4.8CVSS7AI score0.04428EPSS
Exploits6
nvd
nvd
added 2018/12/10 9:29 a.m.24 views

CVE-2018-20010

DomainMOD 4.11.01 has XSS via the assets/add/ssl-provider-account.php username field...

4.8CVSS4.9AI score0.04428EPSS
Exploits5References2
prion
prion
added 2018/12/10 9:29 a.m.15 views

Default credentials

DomainMOD 4.11.01 has XSS via the assets/add/ssl-provider.php SSL Provider Name or SSL Provider URL field...

3.5CVSS4.7AI score0.04428EPSS
Exploits6References2Affected Software1
prion
prion
added 2018/12/10 9:29 a.m.14 views

Default credentials

DomainMOD 4.11.01 has XSS via the assets/add/ssl-provider-account.php username field...

3.5CVSS4.7AI score0.04428EPSS
Exploits5References2Affected Software1
nvd
nvd
added 2018/12/10 9:29 a.m.19 views

CVE-2018-20009

DomainMOD 4.11.01 has XSS via the assets/add/ssl-provider.php SSL Provider Name or SSL Provider URL field...

4.8CVSS4.9AI score0.04428EPSS
Exploits6References2
cvelist
cvelist
added 2018/12/10 9:0 a.m.18 views

CVE-2018-20009

DomainMOD 4.11.01 has XSS via the assets/add/ssl-provider.php SSL Provider Name or SSL Provider URL field...

5.3AI score0.04428EPSS
Exploits6References2
cvelist
cvelist
added 2018/12/10 9:0 a.m.25 views

CVE-2018-20010

DomainMOD 4.11.01 has XSS via the assets/add/ssl-provider-account.php username field...

5.3AI score0.04428EPSS
Exploits5References2
prion
prion
added 2018/05/24 7:29 a.m.17 views

Design/Logic Flaw

DomainMod v4.09.03 has XSS via the assets/edit/ssl-provider-account.php sslpaid parameter...

4.3CVSS5.9AI score0.02343EPSS
Exploits5References2Affected Software1
osv
osv
added 2018/05/24 7:29 a.m.25 views

CVE-2018-11404

DomainMod v4.09.03 has XSS via the assets/edit/ssl-provider-account.php sslpaid parameter...

6.1CVSS6.1AI score
Exploits0References2
Rows per page
Query Builder