Lucene search
K

13 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2017-14962

Malware in sbrugna...

7.5CVSS7.6AI score0.01399EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-16230

Malware in sbrugna...

7.5CVSS7.6AI score0.01905EPSS
Exploits1References4
0day.today
0day.today
added 2017/04/21 12:0 a.m.72 views

Starscream 2.0.3 SSL Pinning Bypass Vulnerability

WebSocket.swift in Starscream versions 2.0.3 and below allows an SSL Pinning bypass because of incorrect management of the certValidated variable it can be set to true but cannot be set to false. An attacker can achieve traffic interception from a man-in-the-middle position, first by resetting th...

5CVSS7.3AI score0.01905EPSS
Exploits1
NVD
NVD
added 2017/04/06 2:59 p.m.12 views

CVE-2017-7192

WebSocket.swift in Starscream before 2.0.4 allows an SSL Pinning bypass because of incorrect management of the certValidated variable it can be set to true but cannot be set to false...

7.5CVSS7.5AI score0.01905EPSS
Exploits1References3
NVD
NVD
added 2017/04/06 2:59 p.m.14 views

CVE-2017-5887

WebSocket.swift in Starscream before 2.0.4 allows an SSL Pinning bypass because pinning occurs in the stream function this is too late; pinning should occur in the initStreamsWithData function...

7.5CVSS7.6AI score0.01399EPSS
Exploits0References3
Prion
Prion
added 2017/04/06 2:59 p.m.13 views

Design/Logic Flaw

WebSocket.swift in Starscream before 2.0.4 allows an SSL Pinning bypass because of incorrect management of the certValidated variable it can be set to true but cannot be set to false...

5CVSS7.5AI score0.01905EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2017/04/06 2:59 p.m.13 views

CVE-2017-5887

WebSocket.swift in Starscream before 2.0.4 allows an SSL Pinning bypass because pinning occurs in the stream function this is too late; pinning should occur in the initStreamsWithData function...

7.5CVSS6.9AI score
Exploits0References3
OSV
OSV
added 2017/04/06 2:59 p.m.10 views

CVE-2017-7192

WebSocket.swift in Starscream before 2.0.4 allows an SSL Pinning bypass because of incorrect management of the certValidated variable it can be set to true but cannot be set to false...

7.5CVSS6.8AI score
Exploits0References3
Prion
Prion
added 2017/04/06 2:59 p.m.10 views

Design/Logic Flaw

WebSocket.swift in Starscream before 2.0.4 allows an SSL Pinning bypass because pinning occurs in the stream function this is too late; pinning should occur in the initStreamsWithData function...

5CVSS7.6AI score0.01399EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2017/04/06 2:0 p.m.16 views

CVE-2017-5887

WebSocket.swift in Starscream before 2.0.4 allows an SSL Pinning bypass because pinning occurs in the stream function this is too late; pinning should occur in the initStreamsWithData function...

7.6AI score0.01399EPSS
Exploits0References3
CVE
CVE
added 2017/04/06 2:0 p.m.44 views

CVE-2017-5887

CVE-2017-5887 affects Starscream’s WebSocket.swift prior to version 2.0.4. The vulnerability is an SSL pinning bypass caused by where pinning is performed: pinning occurs in the stream function, which is later than appropriate; pinning should be established in initStreamsWithData. This misplaceme...

7.5CVSS7.5AI score0.01399EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2017/04/06 2:0 p.m.43 views

CVE-2017-7192

The CVE-2017-7192 entry concerns the Starscream WebSocket library (WebSocket.swift) up to version 2.0.3, where SSL pinning can be bypassed due to incorrect handling of certValidated (it can be set to true but not to false). This enables a man-in-the-middle attack during re-connection after a TCP ...

7.5CVSS7.5AI score0.01905EPSS
Exploits1References3Affected Software1
securityvulns
securityvulns
added 2002/03/21 12:0 a.m.23 views

Unauthorized access via starscream/skank in ISS RealSecure

In default installation addtional rights are granted to user account skank from starscream host...

3.7AI score
Exploits0References1Affected Software1
Rows per page
Query Builder