Vulnerabilities (CVE)

CWE filter

CWE-297

Filter

8 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-13050 2 Gnupg, Sks Keyserver Project 2 Gnupg, Sks Keyserver 2019-07-09 5.0
Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network. Retrieving data from...
CVE-2018-10936 2 Postgresql, Redhat 3 Postgresql Jdbc Driver, Enterprise Linux, Virtualization 2019-04-22 6.8
A weakness was found in postgresql-jdbc before version 42.2.5. It was possible to provide an SSL Factory and not check the host name if a host name verifier was not provided to the driver. This could lead to a condition where a man-in-the-middle...
CVE-2014-3603 2019-04-08 4.3
The (1) HttpResource and (2) FileBackedHttpResource implementations in Shibboleth Identity Provider (IdP) before 2.4.1 and OpenSAML Java 2.6.2 do not verify that the server hostname matches a domain name in the subject's Common Name (CN) or...
CVE-2014-3522 5 Apache, Apple, Novell and 2 more 5 Subversion, Ubuntu Linux, Xcode and 2 more 2018-10-30 4.0
The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers...
CVE-2017-2913 1 Meetcircle 1 Circle With Disney Firmware 2017-11-28 2.6
An exploitable vulnerability exists in the filtering functionality of Circle with Disney. SSL certificates for specific domain names can cause the Bluecoat library to accept a different certificate than intended. An attacker can host an HTTPS...
CVE-2017-2912 1 Meetcircle 1 Circle With Disney Firmware 2017-11-28 2.6
An exploitable vulnerability exists in the remote control functionality of Circle with Disney running firmware 2.0.1. SSL certificates for specific domain names can cause the goclient daemon to accept a different certificate than intended. An...
CVE-2017-2911 1 Meetcircle 1 Circle With Disney Firmware 2017-11-28 2.6
An exploitable vulnerability exists in the remote control functionality of Circle with Disney running firmware 2.0.1. SSL certificates for specific domain names can cause the rclient daemon to accept a different certificate than intended. An...
CVE-2016-1280 1 Juniper 1 Junos 2017-09-01 6.4
PKId in Juniper Junos OS before 12.1X44-D52, 12.1X46 before 12.1X46-D37, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R12, 12.3X48 before 12.3X48-D20, 13.3 before 13.3R10, 14.1 before 14.1R8, 14.1X53 before 14.1X53-D40, 14.2 before 14.2R7, 15.1...