9 matches found

Snyk
added 2026/05/13 11:16 a.m. | 7 views

Improper Certificate Validation

Overview Affected versions of this package are vulnerable to Improper Certificate Validation in the OCSP stapling process with Apple SecTrust. An attacker can cause the client to accept invalid or revoked server certificates by exploiting the failure to properly detect OCSP response problems. Not...

CVSS 9.1 | AI score 5.7 | EPSS 0.00013
Exploits: 1 | References: 2

IBM Security Bulletins
added 2026/02/27 11:44 a.m. | 5 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses log4j-core-2.25.1.jar which is vulnerable to CVE-2025-68161.

Summary IBM Maximo Application Suite - Monitor Component uses log4j-core-2.25.1.jar which is vulnerable to CVE-2025-68161. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2025-68161 DESCRIPTION: The Socket Appender in Apache Log4j Core versions...

CVSS 6.3 | AI score 5.9 | EPSS 0.00029
Exploits: 1 | Affected Software: 1

Malwarebytes
added 2025/12/02 5:49 p.m. | 5 views

“Sleeper” browser extensions woke up as spyware on 4 million devices

Researchers have unraveled a malware campaign that really did play the long game. After seven years of behaving normally, a set of browser extensions installed on roughly 4.3 million Chrome and Edge users’ devices suddenly went rogue. Now they can track what you browse and run malicious code insi...

AI score 7.8
Exploits: 0

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2020-6166

Malware in sbrugna...

CVSS 8.8 | AI score 8.6 | EPSS 0.01148
Exploits: 0 | References: 3

RedhatCVE
added 2025/05/22 10:24 p.m. | 3 views

CVE-2022-21672

make-ca is a utility to deliver and manage a complete PKI configuration for workstations and servers. Starting with version 0.9 and prior to version 1.10, make-ca misinterprets Mozilla certdata.txt and treats explicitly untrusted certificates like trusted ones, causing those explicitly untrusted...

CVSS 6.5 | AI score 6.9 | EPSS 0.0015
Exploits: 0 | References: 1

OSV
added 2023/12/19 3:15 p.m. | 2 views

CVE-2023-43870

When installing the Net2 software a root certificate is installed into the trusted store. A potential hacker could access the installer batch file or reverse engineer the source code to gain access to the root certificate password. Using the root certificate and password they could then create...

CVSS 9.8 | AI score 5.8
Exploits: 0 | References: 1

CVE
added 2023/12/19 3:9 p.m. | 38 views

CVE-2023-43870

The CVE-2023-43870 issue affects Paxton Net2: during installation a root certificate is installed into the trusted store, and an attacker could access the installer batch file or reverse-engineer the source to obtain the root certificate password. With the password, an attacker could issue their ...

CVSS 9.8 | AI score 9.6 | EPSS 0.00068
Exploits: 0 | References: 1 | Affected Software: 1

OSV
added 2022/01/10 9:0 p.m. | 13 views

CVE-2022-21672 /etc/pki/tls and /etc/ssl/certs include distrusted certificates in make-ca

make-ca is a utility to deliver and manage a complete PKI configuration for workstations and servers. Starting with version 0.9 and prior to version 1.10, make-ca misinterprets Mozilla certdata.txt and treats explicitly untrusted certificates like trusted ones, causing those explicitly untrusted...

CVSS 6.5 | AI score 6.5 | EPSS 0.0015
Exploits: 0 | References: 6

OSV
added 2020/06/09 9:15 p.m. | 2 views

CVE-2020-13996

The J2Store plugin before 3.3.13 for Joomla! allows a SQL injection attack by a trusted store manager...

CVSS 8.8 | AI score 7.3 | EPSS 0.01148
Exploits: 0 | References: 2