Lucene search
K

9 matches found

NVD
NVD
added 2026/06/15 8:16 p.m.9 views

CVE-2026-45388

In OCaml-TLS before 2.1.0, the client implementation does insufficient checks of the certificate provided by the server, which allows impersonation with certificates that are not meant for server authentication because of KeyUsage and ExtendedKeyUsage...

9.1CVSS0.00225EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/11 2:59 p.m.13 views

CVE-2026-24066

Slate Digital Connect 1.37.0 for macOS installs a privileged helper tool, com.slatedigital.connect.privileged.helper.tool, which exposes the XPC service com.slatedigital.connect.privileged.helper.tool2. The helper validates connecting XPC clients by checking only the subject.OU value of the...

8.4CVSS5.4AI score0.00122EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/09/29 8:44 p.m.11 views

CVE-2025-34235 Vasion Print (formerly PrinterLogic) Weak SSL/TLS Certificate Validation RCE

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 Windows client deployments contain a registry key that can be enabled by administrators, causing the client to skip SSL/TLS certificate validation. An attacker who can...

9.5CVSS0.00441EPSS
Exploits1References4
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.33 views

Security Bulletin: IBM Maximo Application Suite - IBM Asset Data Dictionary Component uses certifi-2024.2.2-py3-none-any.whl which is vulnerable to CVE-2024-39689

Summary IBM Maximo Application Suite - IBM Asset Data Dictionary Component uses certifi-2024.2.2-py3-none-any.whl which is vulnerable to CVE-2024-39689. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-39689 DESCRIPTION: Certifi...

7.5CVSS6.5AI score0.01049EPSS
Exploits0Affected Software1
Vulnrichment
Vulnrichment
added 2024/04/10 5:6 p.m.19 views

CVE-2024-3387 PAN-OS: Weak Certificate Strength in Panorama Software Leads to Sensitive Information Disclosure

A weak low bit strength device certificate in Palo Alto Networks Panorama software enables an attacker to perform a meddler-in-the-middle MitM attack to capture encrypted traffic between the Panorama management server and the firewalls it manages. With sufficient computing resources, the attacker...

5.3CVSS6.6AI score0.0017EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/10 5:6 p.m.26 views

CVE-2024-3387 PAN-OS: Weak Certificate Strength in Panorama Software Leads to Sensitive Information Disclosure

A weak low bit strength device certificate in Palo Alto Networks Panorama software enables an attacker to perform a meddler-in-the-middle MitM attack to capture encrypted traffic between the Panorama management server and the firewalls it manages. With sufficient computing resources, the attacker...

5.3CVSS5.3AI score0.0017EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/04/10 12:0 a.m.91 views

Palo Alto Networks PAN-OS 10.1.x < 10.1.12 / 10.2.x < 10.2.8 / 11.0.x < 11.0.4 Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is 10.1.x prior to 10.1.12 or 10.2.x prior to 10.2.8 or 11.0.x prior to 11.0.4. It is, therefore, affected by a vulnerability. - A weak low bit strength device certificate in Palo Alto Networks Panorama software enables an attack...

5.9CVSS5.8AI score0.0017EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 3:22 a.m.1 views

SUSE CVE-2022-46153

Traefik is an open source HTTP reverse proxy and load balancer. In affected versions there is a potential vulnerability in Traefik managing TLS connections. A router configured with a not well-formatted TLSOption is exposed with an empty TLSOption. For instance, a route secured using an mTLS...

6.5CVSS6.7AI score0.00488EPSS
Exploits0References2
Cvelist
Cvelist
added 2019/05/06 7:9 p.m.19 views

CVE-2018-18975

An issue was discovered in the Ascensia Contour NEXT ONE app for iOS before 2019-01-15. An attacker may proxy communications between the app and Ascensia backend servers because of a weak certificate-pinning implementation, leading to disclosure of medical information...

7.2AI score0.00962EPSS
Exploits1References1
Rows per page
Query Builder