CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

18 matches found

AstraLinux•added 2026/05/03 11:59 p.m.•12 views

Astra Linux - уязвимость в mbedtls

An issue was discovered in Mbed TLS 3.5.1. There is persistent handshake denial if a client sends a TLS 1.3 ClientHello without extensions...

7.5CVSS5.5AI score0.00685EPSS

Exploits1References1

NVD•added 2026/03/05 7:15 p.m.•5 views

CVE-2025-13476

Rakuten Viber Cloak mode in Android v25.7.2.0g and Windows v25.6.0.0–v25.8.1.0 uses a static and predictable TLS ClientHello fingerprint lacking extension diversity, allowing Deep Packet Inspection DPI systems to trivially identify and block proxy traffic, undermining censorship circumvention...

9.8CVSS0.00345EPSS

Exploits0References2

RedhatCVE•added 2025/10/16 10:48 a.m.•3 views

CVE-2025-55081

In Eclipse Foundation NextX Duo before 6.4.4, a module of ThreadX, the nxsecuretlsprocessclienthello function was missing length verification of certain SSL/TLS client hello message: the ciphersuite length and compression method length. In case of an attacker-crafted message with values outside o...

9.1CVSS6.8AI score0.00337EPSS

Exploits0References1

EUVD•added 2025/10/16 6:29 a.m.•3 views

EUVD-2025-34716

In NetX Duo version before 6.4.4, the component of Eclipse Foundation ThreadX, there was an incorrect bound check innxsecuretlsprocclienthellosupportedversionsextension in the extension version field...

6.9CVSS6.4AI score0.00301EPSS

Exploits0References1

Redos•added 2025/10/16 12:0 a.m.•8 views

ROS-20251016-04

Vulnerability of X509VERIFYPARAMadd0policy function of OpenSSL library is related to errors in the procedure of of certificate authentication. Exploitation of the vulnerability could allow an attacker acting remotely to perform a "man-in-the-middle" type of attack. remotely to perform a...

9.8CVSS9.4AI score0.87816EPSS

Exploits4

OSV•added 2025/10/15 11:15 a.m.•3 views

CVE-2025-55081

9.1CVSS6.9AI score

Exploits0References1

Cvelist•added 2025/10/15 11:3 a.m.•6 views

CVE-2025-55082 Potential out of bound read and info leak in_nx_secure_tls_psk_identity_find()

In NetX Duo version before 6.4.4, the component of Eclipse Foundation ThreadX, there was a potential out of bound read in nxsecuretlsprocessclienthello because of a missing validation of PSK length provided in the user message...

6.9CVSS0.00229EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2024-34179

Malicious code in bioql PyPI...

7.5CVSS5.5AI score0.00693EPSS

Exploits1References6

NVD•added 2025/07/05 2:15 a.m.•5 views

CVE-2024-58254

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-11738. Reason: This candidate is a duplicate of CVE-2024-11738. Notes: All CVE users should reference CVE-2024-11738 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...

Exploits0

Positive Technologies•added 2025/07/05 12:0 a.m.•4 views

PT-2025-28032 · Rustls · Rustls

Name of the Vulnerable Software and Affected Versions: rustls versions 0.23.13 through 0.23.17 Description: The issue allows a panic via a fragmented TLS ClientHello when rustls::server::Acceptor::accept is used. Recommendations: For rustls versions 0.23.13 through 0.23.17, update to version...

5.3CVSS6.5AI score

Exploits0References6

NVD•added 2024/12/06 3:15 p.m.•19 views

CVE-2024-11738