Filtered by CWE-295

Search

Switch to Advanced Search (Beta)
Total 1267 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-37311 2024-08-23 8.2 High
Collabora Online is a collaborative online office suite based on LibreOffice. In affected versions of Collabora Online, https connections from coolwsd to other hosts may incompletely verify the remote host's certificate's against the full chain of trust. This vulnerability is fixed in Collabora Online 24.04.4.3, 23.05.14.1, and 22.05.23.1.
CVE-2024-41264 1 Casbin 1 Casdoor 2024-08-16 7.5 High
An issue discovered in casdoor v1.636.0 allows attackers to obtain sensitive information via the ssh.InsecureIgnoreHostKey() method.
CVE-2024-40464 1 Beego 1 Beego 2024-08-15 8.8 High
An issue in beego v.2.2.0 and before allows a remote attacker to escalate privileges via the sendMail function located in beego/core/logs/smtp.go file
CVE-2024-42395 2 Arubanetworks, Hp 3 Arubaos, Instant, Instantos 2024-08-12 9.8 Critical
There is a vulnerability in the AP Certificate Management Service which could allow a threat actor to execute an unauthenticated RCE attack. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system leading to complete system compromise.
CVE-2024-32865 1 Johnsoncontrols 1 Exacqvision Server 2024-08-09 6.4 Medium
Under certain circumstances the exacqVision Server will not properly validate TLS certificates provided by connected devices.
CVE-2021-3601 2023-11-07 3.3 Low
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. OpenSSL does not class this issue as a security vulnerability. The trusted CA store should not contain anything that the user does not trust to issue other certificates. Notes: https://github.com/openssl/openssl/issues/5236#issuecomment-119646061
CVE-2018-3630 2023-11-07 N/A
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none