9 matches found

EUVD
added 4 days ago | 7 views

EUVD-2026-39612

A flaw in Node.js TLS host verification can cause an attacker to bypass certification validation. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

CVSS 4.3 | AI score 6.3 | EPSS 0.00279
Exploits: 0 | References: 1

IBM Security Bulletins
added 2026/06/11 7:42 a.m. | 14 views

Security Bulletin: IBM Engineering Lifecycle Management - Engineering Workflow Management is impacted by vulnerabilities in Eclipse Paho Java client library

Summary: A vulnerability has been identified in Eclipse Paho Java client library, which is used in IBM Engineering Lifecycle Management - Engineering Workflow Management. Vulnerability Details: CVEID: CVE-2019-11777. DESCRIPTION: In the Eclipse Paho Java client library version 1.2.0, when connecting...

CVSS 7.5 | AI score 5.4 | EPSS 0.00827
Exploits: 0 | Affected Software: 1

Tenable Nessus
added 2026/03/30 12:00 a.m. | 7 views

Debian dla-4518 : php-seclib - security update

The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-4518 advisory. Debian LTS Advisory DLA-4518-1...

CVSS 8.2 | AI score 6 | EPSS 0.00376
Exploits: 1 | References: 6

EUVD
added 2025/10/07 12:30 a.m. | 7 views

EUVD-2020-29049

Malware in sbrugna...

CVSS 7 | AI score 6.7 | EPSS 0.00933
Exploits: 0 | References: 4

Prion
added 2020/05/12 1:15 p.m. | 22 views

Design/Logic Flaw

A missing verification of the TLS host in Nextcloud Mail 1.1.3 allowed a man in the middle attack...

CVSS 6.8 | AI score 6.7 | EPSS 0.00933
Exploits: 0 | References: 2 | Affected Software: 2

Nextcloud
added 2020/03/24 12:00 a.m. | 44 views

Mail app not verifying TLS host of mail servers (NC-SA-2020-020)

A missing verification of the TLS host in Nextcloud Mail 1.1.3 allowed a man in the middle attack...

CVSS 6.8 | AI score 2.9 | EPSS 0.00933
Exploits: 0 | Affected Software: 1

BDU FSTEC
added 2019/09/05 12:00 a.m. | 4 views

The vulnerability of the WebSocket client component of the Apache Tomcat application server arises from errors in checking host names when using the Transport Layer Security (TLS) protocol. This vulnerability allows attackers to circumvent existing security restrictions.

The vulnerability of the WebSocket client component of the Apache Tomcat application server is related to errors in checking host names when using the Transport Layer Security TLS protocol. Exploiting this vulnerability allows a malicious actor to circumvent existing security restrictions remotel...

CVSS 7.8 | AI score 7.7 | EPSS 0.213
Exploits: 0 | References: 18 | Affected Software: 13

OSV
added 2018/11/28 8:58 a.m. | 19 views

SUSE-SU-2018:3011-1 Security update for tomcat

This update for tomcat to version 9.0.10 fixes the following issues: Security issues fixed: - CVE-2018-1336: An improper handling of overflow in the UTF-8 decoder with supplementary characters could have led to an infinite loop in the decoder causing a Denial of Service bsc1102400. - CVE-2018-801...

CVSS 9.8 | AI score 7 | EPSS 0.21979
Exploits: 0 | References: 10

OSV
added 2014/10/15 2:55 p.m. | 2 views

DEBIAN-CVE-2014-2576

plugins/rssyl/feed.c in Claws Mail before 3.10.0 disables the CURLOPT_SSL_VERIFYHOST check for CN or SAN host name fields, which makes it easier for remote attackers to spoof servers and conduct man-in-the-middle (MITM) attacks...

CVSS 6.8 | AI score 6.8 | EPSS 0.01979
Exploits: 0 | References: 1