CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1026 matches found

OSV•added 2023/05/29 6:16 p.m.•1 views

USN-6112-1 perl vulnerability

It was discovered that Perl was not properly verifying TLS certificates when using CPAN together with HTTP::Tiny to download modules over HTTPS. If a remote attacker were able to intercept communications, this flaw could potentially be used to install altered modules...

8.1CVSS5.8AI score0.01523EPSS

Exploits1References2

Ubuntu•added 2023/05/29 6:16 p.m.•61 views

USN-6112-1: Perl vulnerability

8.1CVSS8AI score0.01523EPSS

Exploits1

Amazon•added 2023/05/16 12:0 a.m.•33 views

Important: perl

Issue Overview: HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates. CVE-2023-31484 Affected Packages: perl Note: This advisory is applicable to Amazon Linux 2 AL2 Core...

8.1CVSS8.1AI score0.01523EPSS

Exploits1

NVD•added 2023/05/10 8:15 a.m.•17 views

CVE-2023-24418

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Gopi Ramasamy Tiny carousel horizontal slider plus plugin = 3.2 versions...

5.9CVSS5.4AI score0.00298EPSS

Exploits0References1

OSV•added 2023/05/10 8:15 a.m.•2 views

CVE-2023-24418

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Gopi Ramasamy Tiny carousel horizontal slider plus plugin = 3.2 versions...

4.8CVSS6.6AI score

Exploits0References1

CVE•added 2023/05/10 7:43 a.m.•32 views

CVE-2023-24418

CVE-2023-24418 affects the WordPress plugin Tiny carousel horizontal slider plus (admin+). The vulnerability is a Stored Cross-Site Scripting (XSS) in versions

5.9CVSS5.1AI score0.00298EPSS

Exploits0References1Affected Software1

CNNVD•added 2023/05/10 12:0 a.m.•5 views

WordPress plugin Tiny carousel horizontal slider plus 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...

5.9CVSS6.4AI score0.00298EPSS

Exploits0References2

SUSE CVE•added 2023/05/03 2:29 a.m.•1 views

SUSE CVE-2023-31486

HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates...

7.4CVSS8.9AI score0.00767EPSS

Exploits0References5

NVD•added 2023/04/29 12:15 a.m.•15 views

CVE-2023-31486

HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates...

8.1CVSS7.9AI score0.00767EPSS

Exploits0References11

OSV•added 2023/04/29 12:15 a.m.•1 views

DEBIAN-CVE-2023-31486

HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates...

8.1CVSS8.1AI score0.00767EPSS

Exploits0References1

OSV•added 2023/04/29 12:15 a.m.•3 views

AZL-37127 CVE-2023-31486 affecting package perl for versions less than 5.34.1-489

HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates...

8.1CVSS6.9AI score0.00767EPSS

Exploits0References1

OSV•added 2023/04/29 12:15 a.m.•18 views

CVE-2023-31486

HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates...

8.1CVSS7AI score

Exploits0References11

UbuntuCve•added 2023/04/29 12:15 a.m.•37 views

CVE-2023-31486

HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates...

8.1CVSS6.9AI score0.00767EPSS

Exploits0References10

OSV•added 2023/04/29 12:15 a.m.•0 views

UBUNTU-CVE-2023-31486

HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates...

8.1CVSS7.1AI score0.00767EPSS

Exploits0References11

Prion•added 2023/04/29 12:15 a.m.•49 views

Default configuration

HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates...

5.1CVSS7.7AI score0.00767EPSS

Exploits0References10Affected Software1

CNNVD•added 2023/04/29 12:0 a.m.•1 views

HTTP::Tiny 信任管理问题漏洞

HTTP::Tiny is a small, simple, and correct HTTP/1.1 client from Perldoc Open Source. HTTP::Tiny suffers from a trust management issue vulnerability that stems from having an insecure default TLS configuration where users must opt-in to validate certificates...

8.1CVSS7AI score0.00767EPSS

Exploits0References12

Cvelist•added 2023/04/28 12:0 a.m.•18 views

CVE-2023-31486

HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates...

8.2AI score0.00767EPSS

Exploits0References10

Vulnrichment•added 2023/04/28 12:0 a.m.•7 views

CVE-2023-31486

HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates...

8AI score0.00767EPSS

Exploits0References10

CVE•added 2023/04/28 12:0 a.m.•171 views

CVE-2023-31486

CVE-2023-31486 affects the HTTP::Tiny Perl HTTP client (before 0.083). Insecure default TLS verification requires opt-in to verify certificates, enabling MITM risk. Affected: HTTP::Tiny (Perl module, CPAN) used with older TLS defaults. Impact is high (confidentiality, integrity, and availability)...

8.1CVSS7.9AI score0.00767EPSS

Exploits0References11Affected Software1