CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

65 matches found

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2018-7632

Malware in sbrugna...

7.5CVSS8.6AI score0.0265EPSS

Exploits0References9

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2023-35729

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.0027EPSS

Exploits0References2

IBM Security Bulletins•added 2025/06/25 7:55 a.m.•7 views

Security Bulletin: IBM Truststore Manager uses cryptography-44.0.0-cp39-abi3-manylinux_2_28_x86_64.whl which is vulnerable to CVE-2024-12797.

Summary IBM Truststore Manager uses cryptography-44.0.0-cp39-abi3-manylinux228x8664.whl which is vulnerable to CVE-2024-12797. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-12797 DESCRIPTION: Issue summary: Clients using RFC72...

6.3CVSS6.7AI score0.02357EPSS

Exploits0Affected Software1

Tenable Nessus•added 2025/02/24 12:0 a.m.•6 views

Siemens SIMATIC and SCALANCE Type Confusion (CVE-2024-6119)

Applications performing certificate name checks e.g., TLS clients checking server certificates may attempt to read an invalid memory address resulting in abnormal termination of the application process. Impact summary: Abnormal termination of an application can a cause a denial of service...

7.5CVSS6.8AI score0.66594EPSS

Exploits0References5

Tenable Nessus•added 2024/10/14 12:0 a.m.•41 views

Amazon Linux 2023 : openssl, openssl-devel, openssl-libs (ALAS2023-2024-721)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-721 advisory. Issue summary: Applications performing certificate name checks e.g., TLSclients checking server certificates may attempt to read an invalid memoryaddress resulting in abnormal termination of the...

7.5CVSS6.6AI score0.66594EPSS

Exploits0References4

OSV•added 2024/09/03 4:15 p.m.•5 views

AZL-48747 CVE-2024-6119 affecting package edk2 for versions less than 20240524git3e722403cd16-3

Issue summary: Applications performing certificate name checks e.g., TLS clients checking server certificates may attempt to read an invalid memory address resulting in abnormal termination of the application process. Impact summary: Abnormal termination of an application can a cause a denial of...

7.5CVSS6.6AI score0.66594EPSS

Exploits0References1

OSV•added 2024/09/03 4:15 p.m.•42 views

CVE-2024-6119

7.5CVSS6.8AI score0.66594EPSS

Exploits0References8

NVD•added 2024/09/03 4:15 p.m.•24 views

CVE-2024-6119

7.5CVSS0.66594EPSS

Exploits0References11

CVE•added 2024/09/03 3:58 p.m.•440 views

CVE-2024-6119

OpenSSL CVE-2024-6119 causes a denial of service when applications perform certificate name checks (e.g., TLS server name validation). The issue stems from reading an invalid memory address during name comparison (e.g., otherName in X.509) and may terminate the process. Multiple connected advisor...

7.5CVSS6.5AI score0.66594EPSS

Exploits0References11Affected Software1

Cvelist•added 2024/09/03 3:58 p.m.•234 views

CVE-2024-6119 Possible denial of service in X.509 name checks

0.66594EPSS

Exploits0References5

AlpineLinux•added 2024/09/03 3:58 p.m.•110 views

CVE-2024-6119

7.5CVSS6.9AI score0.66594EPSS

Exploits0

Debian CVE•added 2024/09/03 3:58 p.m.•30 views

CVE-2024-6119

7.5CVSS6.6AI score0.66594EPSS

Exploits0

Vulnrichment•added 2024/09/03 3:58 p.m.•24 views

CVE-2024-6119 Possible denial of service in X.509 name checks

6.6AI score0.66594EPSS

Exploits0References5

RedHat Linux•added 2024/09/03 11:45 a.m.•5 views

golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm

A flaw was found in Go's crypto/x509 standard library package. Verifying a certificate chain that contains a certificate with an unknown public key algorithm will cause a Certificate.Verify to panic. This issue affects all crypto/tls clients and servers that set Config.ClientAuth to...

5.9CVSS7.3AI score0.00667EPSS

Exploits0References11

FreeBSD•added 2024/09/03 12:0 a.m.•64 views

OpenSSL -- Multiple vulnerabilities

The OpenSSL project reports: Possible denial of service in X.509 name checks Moderate severity Applications performing certificate name checks e.g., TLS clients checking server certificates may attempt to read an invalid memory address resulting in abnormal termination of the application process...

7.5AI score

Exploits0References2

OpenSSL•added 2024/09/03 12:0 a.m.•72 views

Vulnerability in OpenSSL - Possible denial of service in X.509 name checks

Issue summary : Applications performing certificate name checks e.g., TLS clients checking server certificates may attempt to read an invalid memory address resulting in abnormal termination of the application process. Impact summary : Abnormal termination of an application can a cause a denial o...

7.2AI score0.66594EPSS

Exploits0Affected Software1

OSV•added 2024/03/12 8:24 a.m.•18 views

BIT-GOLANG-2024-24783 Verify panics on certificates with an unknown public key algorithm in crypto/x509

Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for...

5.9CVSS6.5AI score0.00667EPSS

Exploits0References7

Tenable Nessus•added 2024/03/07 12:0 a.m.•50 views

Golang < 1.21.8, 1.22.x < 1.22.1 Multiple Vulnerabilities

The version of Golang running on the remote host is prior to 1.21.8 or 1.22.x prior to 1.22.1. It is, therefore, is affected by multiple vulnerabilities: - A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded. CVE-2023-45289 - Verifying a certificate chai...

7.5CVSS6.6AI score0.0108EPSS

Exploits0References8