Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

CVE
CVEadded 2026/04/10 10:54 a.m.12 views

CVE-2026-39304

Summary: CVE-2026-39304 describes a DoS via Out-of-Memory in Apache ActiveMQ components caused by TLSv1.3 KeyUpdate handling in NIO SSL transports. The broker and clients are affected for multiple versions prior to 6.2.4 or 5.19.4, with the recommended fixes being 6.2.4 or 5.19.5. The issue arise...

7.5CVSS5.8AI score0.00683EPSS
Exploits0References2Affected Software2
CVE
CVEadded 2026/04/02 8:0 a.m.14 views

CVE-2026-5244

CVE-2026-5244 affects Cesanta Mongoose

9.8CVSS7.2AI score0.00727EPSS
Exploits1References6Affected Software1
UbuntuCve
UbuntuCveadded 2026/03/13 7:54 p.m.4 views

CVE-2026-2673

Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the 'DEFAULT' keyword. Impact summary: A less preferred key exchange may be used even when a more preferred group is...

6.5CVSS5.9AI score0.00435EPSS
Exploits0References4
OSV
OSVadded 2025/11/21 10:16 p.m.2 views

CVE-2025-11935

With TLS 1.3 pre-shared key PSK a malicious or faulty server could ignore the request for PFS perfect forward secrecy and the client would continue on with the connection using PSK without PFS. This happened when a server responded to a ClientHello containing pskdheke without a keyshare...

7.5CVSS6.6AI score
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2025/10/02 12:0 a.m.4 views

SUSE SLES15 / openSUSE 15 Security Update : nginx (SUSE-SU-2025:03444-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03444-1 advisory. - CVE-2025-53859:?the server side may leak arbitrary bytes during the NGINX SMTP authentication process bsc1248070. ...

6.3CVSS5.7AI score0.02557EPSS
Exploits0References7
SUSE CVE
SUSE CVEadded 2025/02/27 3:12 a.m.2 views

SUSE CVE-2022-49094

In the Linux kernel, the following vulnerability has been resolved: net/tls: fix slab-out-of-bounds bug in decryptinternal The memory size of tlsctx-rx.iv for AES128-CCM is 12 setting in tlssetswoffload. The return value of cryptoaeadivsize for "ccmaes" is 16. So memcpy require 16 bytes from 12...

7.1CVSS6.4AI score0.00233EPSS
Exploits0References3
RedHat Linux
RedHat Linuxadded 2024/09/09 5:17 p.m.4 views

undertow: response write hangs in case of Java 17 TLSv1.3 NewSessionTicket

A vulnerability was found in Undertow, where the chunked response hangs after the body was flushed. The response headers and body were sent but the client would continue waiting as Undertow does not send the expected 0\r\n termination of the chunked response. This results in uncontrolled resource...

7.5CVSS5.7AI score0.02716EPSS
Exploits0References4
OSV
OSVadded 2019/05/03 11:41 a.m.2 views

SUSE-SU-2019:1141-1 Security update for openssl-1_1

This update for openssl-11 to version 1.1.1b fixes the following issues: - Changed the info callback signals for the start and end of a post-handshake message exchange in TLSv1.3. - Fixed a bug in DTLS over SCTP. This breaks interoperability with older versions of OpenSSL like OpenSSL 1.1.0 and...

7.1AI score
Exploits0References3
Rows per page
Query Builder