CVE-2026-42791

Summary: CVE-2026-42791 is an improper certificate validation weakness in Erlang OTP’s public_key/pubkey_ocsp module. OCSP response verification (pubkey_ocsp:verify_response/5 and pubkey_ocsp:is_authorized_responder/3) fails to enforce the validity period (notBefore/notAfter) of the OCSP responde...

CVE-2022-42791

A race condition was addressed with improved state handling. This issue is fixed in macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges...

EUVD-2025-42791

Malicious code in okta-papeda54-sukiwir npm...

CVE-2023-42791

creationtimestamp| type| source ---|---|--- 2024-02-20 15:21:53+00:00| seen| https://t.me/ctinow/188595 2024-02-20 15:26:55+00:00| seen| https://t.me/ctinow/188602 2024-02-21 14:55:35+00:00| seen| https://t.me/arpsyndicate/3823 2024-03-08 15:21:57+00:00| seen| https://t.me/ctinow/203369 2025-02-1...

CVE-2023-42791

A relative path traversal in Fortinet FortiManager version 7.4.0 and 7.2.0 through 7.2.3 and 7.0.0 through 7.0.8 and 6.4.0 through 6.4.12 and 6.2.0 through 6.2.11 allows attacker to execute unauthorized code or commands via crafted HTTP requests...

CVE-2023-42791

A relative path traversal in Fortinet FortiManager version 7.4.0 and 7.2.0 through 7.2.3 and 7.0.0 through 7.0.8 and 6.4.0 through 6.4.12 and 6.2.0 through 6.2.11 allows attacker to execute unauthorized code or commands via crafted HTTP requests...

CVE-2023-42791

CVE-2023-42791 describes a relative path traversal in Fortinet FortiManager that allows an attacker to execute unauthorized code or commands via crafted HTTP requests. The vulnerability affects FortiManager versions: 7.4.0, 7.2.0–7.2.3, 7.0.0–7.0.8, 6.4.0–6.4.12, and 6.2.0–6.2.11. The connected R...

CVE-2022-42791

CVE-2022-42791 is a macOS-specific race condition vulnerability that was addressed by improving state handling. The issue could allow an app to execute arbitrary code with kernel privileges and is fixed in macOS Ventura 13. Affected component is the kernel-related path implicated by the race cond...

CVE-2021-42791

The CVE-2021-42791 entry concerns VeridiumID VeridiumAD 2.5.3.0. The vulnerability is an access-control gap in the HTTP trigger for push notifications: an attacker can trigger notifications for other enrolled users, and the notification text can be altered. If the notification recipient accepts, ...

CVE-2021-42791

An issue was discovered in VeridiumID VeridiumAD 2.5.3.0. The HTTP request to trigger push notifications for VeridiumAD enrolled users does not enforce proper access control. A user can trigger push notifications for any other user. The text contained in the push notification can also be modified...