CVE-2020-11630

An issue was discovered in EJBCA before 6.15.2.6 and 7.x before 7.3.1.2. In several sections of code, the verification of serialized objects sent between nodes connected via the Peers protocol allows insecure objects to be deserialized...

CVE-2020-11627

An issue was discovered in EJBCA before 6.15.2.6 and 7.x before 7.3.1.2. A Cross Site Request Forgery CSRF issue has been found in the CA UI...

PrimeKey Solutions EJBCA Code Issue Vulnerability (CNVD-2020-22248)

PrimeKey Solutions EJBCA is a software PKI certificate authority package from PrimeKey Solutions, Sweden. A security vulnerability exists in PrimeKey Solutions EJBCA versions prior to 6.15.2.6 and 7.x versions prior to 7.3.1.2. An attacker could exploit the vulnerability to upload malicious scrip...

CVE-2020-11629

An issue was discovered in EJBCA before 6.15.2.6 and 7.x before 7.3.1.2. The External Command Certificate Validator, which allows administrators to upload external linters to validate certificates, is supposed to save uploaded test certificates to the server. An attacker who has gained access to...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM System Networking Switch Center (CVE-2014-3566, CVE-2014-6512, CVE-2014-6457 CVE-2015-0410, CVE-2015-6593)

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, Version 7 that is used by IBM System Networking Switch Center. This also includes a fix for the Padding Oracle On Downgraded Legacy Encryption POODLE SSLv3 vulnerabilityCVE-2014-3566. These were disclosed as part of th...