CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

174 matches found

httpd: mod_md: unrestricted OCSP response leads to resource exhaustion

A flaw was found in the modmd module of httpd. When processing OCSP Online Certificate Status Protocol responses from a malicious or compromised OCSP responder, the module fails to enforce proper size limits on the incoming data. This issue leads to memory exhaustion and a denial of service...

7.3CVSS7AI score0.00628EPSS

Exploits0References5

NVD•added 5 days ago•6 views

CVE-2026-10098

OCSP CertID serial-number length-confusion in wolfSSLOCSPrespfindstatus allows a same-issuer SingleResponse whose serial is a prefix of the target serial to be reported as the revocation status of a different certificate. The lookup compared serial-number bytes without first requiring the two...

6.3CVSS0.00121EPSS

Exploits0References2

Cvelist•added 5 days ago•21 views

CVE-2026-10098 OCSP CertID serial-number length-confusion in wolfSSL_OCSP_resp_find_status

6.3CVSS0.00121EPSS

Exploits0References2

RedHat Linux•added 2026/06/16 1:59 p.m.•6 views

Important: Red Hat Security Advisory: tomcat security update

An update for tomcat is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.5CVSS6.6AI score0.00235EPSS

Exploits0References2

SUSE CVE•added 2026/06/10 2:27 a.m.•7 views

SUSE CVE-2026-44185

Buffer Over-read vulnerability in Apache HTTP Server via outbound OCSP requests to an attacker controlled OCSP server This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...

6.5CVSS5.4AI score0.00452EPSS

Exploits0References3

Snyk•added 2026/06/09 6:33 p.m.•8 views

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference during OCSP response checking. When a verification chain lacks a self-signed trusted anchor, the issuer of the last certificate is NULL, but the OCSP code accesses the next certificate as the issuer, dereferenci...

7.5CVSS5.3AI score0.00419EPSS

Exploits0References2

EUVD•added 2026/06/09 6:30 p.m.•10 views

EUVD-2026-35480

Issue summary: A malicious server can exploit TLS OCSP stapling by delivering a crafted response through the statusrequest extension, triggering a double-free in the client's certificate verification path. Impact summary: Successful exploitation allows an attacker to corrupt heap memory via a...

6AI score0.00245EPSS

Exploits0References4

NVD•added 2026/06/09 5:17 p.m.•8 views

CVE-2026-35188

5CVSS0.00245EPSS

Exploits0References3

Cvelist•added 2026/06/09 4:3 p.m.•32 views

CVE-2026-42765 NULL Dereference in Certificate Verification with OCSP Checking

Issue summary: When a partial-chain certificate verification is enabled together with OCSP response checking for the whole chain, a NULL dereference will happen if the verified chain does not have a self-signed trusted anchor, crashing the process. Impact summary: A NULL pointer dereference can...

0.00419EPSS

Exploits0References3

Vulnrichment•added 2026/06/09 4:3 p.m.•11 views

CVE-2026-35188 Double-free When Checking OCSP Stapled Response

6AI score0.00245EPSS

Exploits0References3

Cvelist•added 2026/06/08 3:22 p.m.•78 views

CVE-2026-44185 Apache HTTP Server: Stack Buffer Over-Read in mod_ssl OCSP `send_request`

0.00452EPSS

Exploits0References1

Vulnrichment•added 2026/06/08 3:22 p.m.•35 views

CVE-2026-44185 Apache HTTP Server: Stack Buffer Over-Read in mod_ssl OCSP `send_request`

5.4AI score0.00452EPSS

Exploits0References1

EUVD•added 2026/06/08 3:22 p.m.•11 views

EUVD-2026-35099

7.3CVSS5.4AI score0.00452EPSS

Exploits0References1

AlpineLinux•added 2026/06/08 3:22 p.m.•8 views

CVE-2026-44185

7.3CVSS5.4AI score0.00452EPSS

Exploits0

Positive Technologies•added 2026/06/08 12:0 a.m.•15 views

PT-2026-47323

Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions 2.4.0 through 2.4.67 Description A buffer over-read occurs during outbound OCSP Online Certificate Status Protocol requests sent to an attacker-controlled OCSP server. A buffer over-read is a condition where a syste...

7.3CVSS5.6AI score0.00452EPSS

Exploits0References17

RedhatCVE•added 2026/06/06 12:43 p.m.•17 views

CVE-2026-42791

A flaw was found in Erlang OTP's publickey application, specifically in the Online Certificate Status Protocol OCSP response verification. A remote attacker who has obtained the private key of an expired Certificate Authority CA-designated OCSP responder certificate can forge OCSP responses. This...

6.3CVSS5.9AI score0.00316EPSS

Exploits0References9

Rockylinux•added 2026/05/29 4:3 p.m.•14 views

tomcat security update

An update is available for tomcat. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Apache Tomcat is a servlet container for the Java Servlet and JavaServer Page...

7.5CVSS5.8AI score0.00235EPSS

Exploits0

SUSE CVE•added 2026/05/28 3:58 a.m.•13 views

SUSE CVE-2026-42791

Improper Certificate Validation vulnerability in Erlang OTP publickey pubkeyocsp module allows forged OCSP responses signed with an expired responder certificate to be accepted as valid. OCSP response verification in pubkeyocsp:verifyresponse/5 and pubkeyocsp:isauthorizedresponder/3 in...

7.4CVSS5.8AI score0.00316EPSS

Exploits0References3