Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

AstraLinux
AstraLinuxadded 2026/05/20 5:53 a.m.2 views

Astra Linux - уязвимость в perl

HTTP::Tiny, a Perl core module since version 5.13.9 and available as a standalone package on CPAN, has an insecure default TLS configuration. In this configuration, users are required to explicitly choose to verify certificates...

8.1CVSS6.9AI score0.00767EPSS
Exploits0References2
OSV
OSVadded 2026/03/07 5:15 p.m.1 views

UBUNTU-CVE-2026-30851

Caddy is an extensible server platform that uses TLS by default. From version 2.10.0 to before version 2.11.2, forwardauth copyheaders does not strip client-supplied headers, allowing identity injection and privilege escalation. This issue has been patched in version 2.11.2...

8.8CVSS5.7AI score0.00023EPSS
Exploits1References6
Debian CVE
Debian CVEadded 2026/02/24 4:33 p.m.4 views

CVE-2026-27590

Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, Caddy's FastCGI path splitting logic computes the split index on a lowercased copy of the request path and then uses that byte index to slice the original path. This is unsafe for Unicode because...

9.8CVSS8.8AI score0.00245EPSS
Exploits1
Debian CVE
Debian CVEadded 2026/02/24 4:26 p.m.4 views

CVE-2026-27587

Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, Caddy's HTTP path request matcher is intended to be case-insensitive, but when the match pattern contains percent-escape sequences %xx it compares against the request's escaped path without lowercasing. An...

9.1CVSS8.4AI score0.00062EPSS
Exploits1
vulnersOsv
vulnersOsvadded 2024/08/09 8:41 p.m.4 views

msgtrans (>=0.1.0 <=0.1.6), s2n-quic (>=1.18.0 <=1.37.0) +3 more potentially affected by unknown CVE via s2n-tls (>=0.0.10 <=0.2.9)

s2n-tls CARGO version =0.0.10, =0.1.0, =1.18.0, =0.18.2, =0.18.2, =0.0.6, =0.2.11 Source cves: unknown CVE Source advisory: OSV:GHSA-857Q-XMPH-P2V5...

5.8AI score
Exploits0
OSV
OSVadded 2023/07/18 5:16 p.m.2 views

CLSA-2023-1689700589 Fix CVE(s): CVE-2023-31486

SECURITY UPDATE: insecure default TLS configuration in HTTP::Tiny module - debian/patches/CVE-2023-31486.patch: add verifySSL=1 to HTTP::Tiny default configuration - CVE-2023-31486...

8.1CVSS7.3AI score0.00767EPSS
Exploits0References1
OSV
OSVadded 2016/08/08 1:59 a.m.2 views

CVE-2016-0266

IBM AIX 5.3, 6.1, 7.1, and 7.2 and VIOS 2.2.x do not default to the latest TLS version, which makes it easier for man-in-the-middle attackers to obtain sensitive information via unspecified vectors...

3.7CVSS5.8AI score0.007EPSS
Exploits0References9
Positive Technologies
Positive Technologiesadded 2012/06/17 12:0 a.m.2 views

PT-2012-1161 · Gentoo +4 · Gentoo Linux +4

Name of the Vulnerable Software and Affected Versions: OpenLDAP versions prior to 2.4.35 Gentoo Linux affected versions not specified Description: The issue affects the confidentiality, integrity, and availability of protected information. It can be exploited remotely, potentially allowing...

6.8CVSS5.1AI score0.00564EPSS
Exploits0References26
Rows per page
Query Builder