Lucene search
+L

5 matches found

osv
osv
added 2026/02/06 10:40 p.m.6 views

CVE-2026-25644 DataHub's LDAP Ingestion Source vulnerable to MITM attack through TLS downgrade

DataHub is an open-source metadata platform. Prior to version 1.3.1.8, the LDAP ingestion source is vulnerable to MITM attack through TLS downgrade. This issue has been patched in version 1.3.1.8...

7.5CVSS5.5AI score0.0031EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2025/12/10 12:0 a.m.3 views

CVE-2025-65831

The application uses an insecure hashing algorithm MD5 to hash passwords. If an attacker obtained a copy of these hashes, either through exploiting cloud services, performing TLS downgrade attacks on the traffic from a mobile device, or through another means, they may be able to crack the hash in...

6.5AI score0.00186EPSS
Exploits0References2
redhat
redhat
added 2020/03/24 11:31 a.m.3 views

wildfly: The 'enabled-protocols' value in legacy security is not respected if OpenSSL security provider is in use

A flaw was found when an OpenSSL security provider is used with Wildfly, the 'enabled-protocols' value in the Wildfly configuration isn't honored. An attacker could target the traffic sent from Wildfly and downgrade the connection to a weaker version of TLS, potentially breaking the encryption...

9.1CVSS5.8AI score0.01068EPSS
Exploits0References4
attackerkb
attackerkb
added 2018/12/03 2:29 p.m.3 views

CVE-2018-16868

A Bleichenbacher type side-channel based padding oracle attack was found in the way gnutls handles verification of RSA decrypted PKCS1 v1.5 data. An attacker who is able to run process on the same physical core as the victim process, could use this to extract plaintext or in some cases downgrade...

5.6CVSS5.5AI score0.00573EPSS
Exploits0References7
osv
osv
added 2018/12/03 2:29 p.m.2 views

DEBIAN-CVE-2018-16868

A Bleichenbacher type side-channel based padding oracle attack was found in the way gnutls handles verification of RSA decrypted PKCS1 v1.5 data. An attacker who is able to run process on the same physical core as the victim process, could use this to extract plaintext or in some cases downgrade...

5.6CVSS5.3AI score0.00573EPSS
Exploits0References1
Rows per page
Query Builder