
7 matches found

NCSC
added 2023/01/26 12:0 a.m. · 3 views

Vulnerability found in KeePass

A vulnerability has been found in KeePass. A malicious person could potentially exploit the vulnerability to gain access to data stored in a KeePass database. This could include usernames, passwords and email addresses. Successful misuse requires that the malicious party have access to the system...

5.5 CVSS · 6.1 AI score · 0.41441 EPSS
Exploits: 2
OSV
added 2022/05/21 12:15 a.m. · 3 views

DEBIAN-CVE-2022-29222

Pion DTLS is a Go implementation of Datagram Transport Layer Security. Prior to version 2.1.5, a DTLS Client could provide a Certificate that it doesn't possess the private key for and Pion DTLS wouldn't reject it. This issue affects users that are using Client certificates only. The connection...

7.5 CVSS · 7.3 AI score · 0.00301 EPSS
Exploits: 0 · References: 1
RedHat Linux
added 2021/08/10 7:52 a.m. · 1 views

golang: crypto/tls: certificate of wrong type is causing TLS client to panic

A flaw was found in golang. A panic can be triggered by an attacker in a privileged network position without access to the server certificate's private key, as long as a trusted ECDSA or Ed25519 certificate for the server exists or can be issued, or the client is configured with...

6.5 CVSS · 7.1 AI score · 0.00917 EPSS
Exploits: 1 · References: 6
BDU FSTEC
added 2018/10/31 12:0 a.m. · 4 views

The vulnerability in the implementation of the TLS protocol in the FortiOS operating system allows an attacker to decrypt messages without knowing the secret key, thereby carrying out a “man-in-the-middle” attack.

Vulnerability of the TLS protocol implementation in the FortiOS operating system, caused by deficiencies in the implementation of the encryption algorithm. Exploiting this vulnerability allows a malicious actor to decrypt messages without knowing the secret key, thereby carrying out a...

7.5 CVSS · 5.5 AI score · 0.00165 EPSS
Exploits: 0 · References: 4 · Affected Software: 1
RedHat Linux
added 2017/08/08 4:14 p.m. · 2 views

kernel: crypto: GPF in lrw_crypt caused by null-deref

The lrw_crypt function in 'crypto/lrw.c' in the Linux kernel before 4.5 allows local users to cause a system crash and a denial of service by the NULL pointer dereference via accept(2) system call for AF_ALG socket without calling setkey first to set a cipher key...

5.5 CVSS · 7.1 AI score · 0.00038 EPSS
Exploits: 0 · References: 4
BDU FSTEC
added 2016/07/05 12:0 a.m. · 2 views

Vulnerabilities of the enterprise automation system 1C:Enterprise, allowing a malicious individual to trigger service failures or gain access to encrypted data without knowing the encryption key

Multiple vulnerabilities in the OpenSSL cryptographic package of the 1C: enterprise automation system allow a malicious actor to remotely cause service failures or gain access to encrypted data without knowing the encryption key...

7.5 CVSS · 7.1 AI score · 0.91945 EPSS
Exploits: 21 · References: 42 · Affected Software: 1
Positive Technologies
added 2009/03/10 12:0 a.m. · 3 views

PT-2009-2785 · Microsoft · Windows Server 2003 +6

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008. Description: A spoofing issue exists in the Secure Channel (SChannel) authentication component when certificate authentication is...

7.1 CVSS · 6.4 AI score · 0.24947 EPSS
Exploits: 2 · References: 10