30 matches found

EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2016-1224

Malware in sbrugna...

CVSS 5.9, AI score 6.7, EPSS 0.01519
Exploits 0, References 10

Tenable Nessus
added 2025/08/05 12:0 a.m., 4 views

SUSE SLED15: java-21-openjdk / java-21-openjdk-demo / java-21-openjdk-devel / etc (SUSE-SU-2025:02657-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02657-1 advisory. Update to upstream tag jdk-21.0.8+9 July 2025 CPU: Security fixes: - CVE-2025-30749: several...

CVSS 8.6, AI score 6.8, EPSS 0.01058
Exploits 1, References 14

OSV
added 2025/08/04 10:34 a.m., 12 views

SUSE-SU-2025:02657-1 Security update for java-21-openjdk

This update for java-21-openjdk fixes the following issues: Update to upstream tag jdk-21.0.8+9 July 2025 CPU: Security fixes: - CVE-2025-30749: several scenarios can lead to heap corruption bsc1246595 - CVE-2025-30754: incomplete handshake may lead to weakening TLS protections bsc1246598 -...

CVSS 8.6, AI score 8.1, EPSS 0.01058
Exploits 1, References 10

Tenable Nessus
added 2025/08/01 12:0 a.m., 3 views

SUSE SLES12: java-11-openjdk / java-11-openjdk-demo / java-11-openjdk-devel / etc (SUSE-SU-2025:02563-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02563-1 advisory. Upgrade to upstream tag jdk-11.0.28+6 July 2025 CPU: Security fixes: - CVE-2025-30749: several scenarios can lead to heap corruption bsc124659...

CVSS 8.6, AI score 6.7, EPSS 0.01058
Exploits 1, References 16

SUSE Linux
added 2025/07/30 6:35 a.m., 7 views

Security update for java-1_8_0-openj9

This update for java-1_8_0-openj9 fixes the following issues: Update to OpenJDK 8u462 build 08 with OpenJ9 0.53.0 virtual machine: CVE-2025-30749: several scenarios can lead to heap corruption Oracle CPU 2025-07 bsc1246595 CVE-2025-30754: incomplete handshake may lead to weakening TLS protections...

CVSS 8.6, AI score 7.7, EPSS 0.01058
Exploits 1, References 16

OSV
added 2025/07/30 6:34 a.m., 2 views

SUSE-SU-2025:02545-1 Security update for java-1_8_0-openj9

This update for java-1_8_0-openj9 fixes the following issues: Update to OpenJDK 8u462 build 08 with OpenJ9 0.53.0 virtual machine: - CVE-2025-30749: several scenarios can lead to heap corruption Oracle CPU 2025-07 bsc1246595 - CVE-2025-30754: incomplete handshake may lead to weakening TLS protectio...

CVSS 8.6, AI score 7.8, EPSS 0.01058
Exploits 1, References 9

OSV
added 2025/01/27 7:20 a.m., 14 views

BIT-RUBY-MIN-2021-32066

An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. Net::IMAP does not raise an exception when StartTLS fails with an unknown response, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between th...

CVSS 7.4, AI score 7.4, EPSS 0.02909
Exploits 1, References 9

F5 Networks
added 2023/02/21 7:53 p.m., 40 views

K62279530: ConfigSync mcpd vulnerability CVE-2017-6161

Security Advisory Description: When configuration synchronization (ConfigSync) is configured, attackers on adjacent networks may be able to bypass the TLS protections usually used to encrypt and authenticate connections to mcpd (CVE-2017-6161). Impact: This vulnerability may allow remote attackers to...

CVSS 5.3, AI score 5.5, EPSS 0.00971
Exploits 0, Affected Software 14

F5 Networks
added 2023/02/21 6:47 p.m., 61 views

K01955184: Python smtplib library vulnerability CVE-2016-0772

Security Advisory Description: The smtplib library in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 does not return an error when StartTLS fails, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between the...

CVSS 6.5, AI score 7.3, EPSS 0.14524
Exploits 3

Github Security Blog
added 2022/05/13 1:11 a.m., 8 views

Smack allows the bypass of TLS protections

Race condition in the XMPP library in Smack before 4.1.9, when the SecurityMode.required TLS setting has been set, allows man-in-the-middle attackers to bypass TLS protections and trigger use of cleartext for client authentication by stripping the "starttls" feature from a server response...

CVSS 5.9, AI score 6.9, EPSS 0.01519
Exploits 0, References 9, Affected Software 1

OpenVAS
added 2021/12/31 12:0 a.m., 23 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2021-2866)

The remote host is missing an update for the Huawei EulerOS...

CVSS 7.5, AI score 7.6, EPSS 0.05061
Exploits 1, References 2

Tenable Nessus
added 2021/12/02 12:0 a.m., 36 views

SUSE SLED15: libruby2_5-2_5 / ruby2.5 / ruby2.5-devel / ruby2.5-devel-extra / etc (SUSE-SU-2021:3838-1)

The remote SUSE Linux SLED15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3838-1 advisory. - CVE-2021-31799: Fixed Command injection vulnerability in RDoc bsc1190375. - CVE-2021-31810: Fixed trusting FTP PASV...

CVSS 7.4, AI score 6.7, EPSS 0.0305
Exploits 2, References 10

OpenVAS
added 2021/11/12 12:0 a.m., 29 views

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2021-2721)

The remote host is missing an update for the Huawei EulerOS...

CVSS 7.4, AI score 6.9, EPSS 0.0305
Exploits 2, References 2

Tenable Nessus
added 2021/11/11 12:0 a.m., 31 views

EulerOS 2.0 SP5 : ruby (EulerOS-SA-2021-2673)

According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In RDoc 3.11 through 6.x before 6.3.1, as distributed with Ruby through 3.0.1, it is possible to execute arbitrary code via | and tags in a...

CVSS 7.4, AI score 7.5, EPSS 0.02909
Exploits 1, References 3

Tenable Nessus
added 2021/10/25 12:0 a.m., 26 views

EulerOS 2.0 SP3 : ruby (EulerOS-SA-2021-2614)

According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. Net::IMAP does not raise an exception when StartTLS fai...

CVSS 7.4, AI score 7.1, EPSS 0.02909
Exploits 1, References 2

Tenable Nessus
added 2021/10/13 12:0 a.m., 42 views

Debian DLA-2780-1 : ruby2.3 - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2780 advisory. Multiple vulnerabilities in ruby2.3, interpreter of object-oriented scripting language Ruby, were discovered. CVE-2021-31799 In RDoc 3.11 through 6.x before 6.3.1, ...

CVSS 7.4, AI score 7.7, EPSS 0.0305
Exploits 2, References 10

NVD
added 2021/08/01 7:15 p.m., 22 views

CVE-2021-32066

An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. Net::IMAP does not raise an exception when StartTLS fails with an unknown response, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between th...

CVSS 7.4, EPSS 0.02909
Exploits 1, References 8

OSV
added 2021/08/01 7:15 p.m., 27 views

CVE-2021-32066

An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. Net::IMAP does not raise an exception when StartTLS fails with an unknown response, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between th...

CVSS 7.4, AI score 6.7
Exploits 0, References 8

Prion
added 2021/08/01 7:15 p.m., 56 views

Code injection

An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. Net::IMAP does not raise an exception when StartTLS fails with an unknown response, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between th...

CVSS 5.8, AI score 7.1, EPSS 0.02909
Exploits 1, References 8, Affected Software 2

AlpineLinux
added 2021/08/01 12:0 a.m., 37 views

CVE-2021-32066

An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. Net::IMAP does not raise an exception when StartTLS fails with an unknown response, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between th...

CVSS 7.4, AI score 7.6, EPSS 0.02909
Exploits 1