Lucene search
K

4 matches found

EUVD
EUVD
added 2026/06/12 6:35 p.m.40 views

EUVD-2026-36541

Improper handling of HPACK dynamic table size updates in the AWS Common Runtime aws-c-http library might allow a remote threat actor operating a server to cause memory corruption on a connecting client application, potentially leading to arbitrary code execution, via a crafted sequence of HTTP/2...

8.8CVSS5.8AI score0.00351EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2025/12/03 5:0 p.m.8 views

Step CA Has Authorization Bypass in ACME and SCEP Provisioners

Summary A security fix is now available for Step CA that resolves a vulnerability affecting deployments configured with ACME and/or SCEP provisioners. All operators running these provisioners should upgrade to the latest release v0.29.0 immediately. The issue was discovered and disclosed by a...

10CVSS6.6AI score0.0326EPSS
Exploits0References3Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/02/15 7:20 a.m.4 views

Apache Brooklyn vulnerable to cross-site scripting

Overview Apache Brooklyn is a framework for modeling, monitoring, and managing applications. Apache Brooklyn contains cross-site scripting vulnerabilities. It is known that proof-of-concept code to exploit these vulnerabilties exist. Toshitsugu Yoneyama of Mitsui Bussan Secure Directions, Inc...

8.8CVSS6.6AI score0.01963EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2016/11/05 12:0 a.m.11 views

PT-2016-4587 · Openssl · Rust-Openssl

Name of the Vulnerable Software and Affected Versions: rust-openssl versions prior to 0.9.0 Description: The issue is related to SSL/TLS man-in-the-middle attacks due to insecure defaults in the openssl crate for Rust. Specifically, certificate verification is off by default, and there is no API...

8.1CVSS7.6AI score0.00745EPSS
Exploits0References8
Rows per page
Query Builder