Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-36755 | 2024-11-21 | N/A | 6.8 MEDIUM | ||
| D-Link DIR-1950 up to v1.11B03 does not validate SSL certificates when requesting the latest firmware version and downloading URL. This can allow attackers to downgrade the firmware version or change the downloading URL via a man-in-the-middle attack. | |||||
| CVE-2023-48052 | 1 Httpie | 1 Httpie | 2024-11-21 | N/A | 7.4 HIGH |
| Missing SSL certificate validation in HTTPie v3.2.2 allows attackers to eavesdrop on communications between the host and server via a man-in-the-middle attack. | |||||
| CVE-2024-40464 | 1 Beego | 1 Beego | 2024-08-15 | N/A | 8.8 HIGH |
| An issue in beego v.2.2.0 and before allows a remote attacker to escalate privileges via the sendMail function located in beego/core/logs/smtp.go file | |||||
| CVE-2024-41265 | 2024-08-02 | N/A | 7.5 HIGH | ||
| A TLS certificate verification issue discovered in cortex v0.42.1 allows attackers to obtain sensitive information via the makeOperatorRequest function. | |||||
| CVE-2024-41253 | 2024-08-01 | N/A | 7.1 HIGH | ||
| goframe v2.7.2 is configured to skip TLS certificate verification, possibly allowing attackers to execute a man-in-the-middle attack via the gclient component. | |||||