110 matches found
CVE-2026-42791
Improper Certificate Validation vulnerability in Erlang OTP publickey pubkeyocsp module allows forged OCSP responses signed with an expired responder certificate to be accepted as valid. OCSP response verification in pubkeyocsp:verifyresponse/5 and pubkeyocsp:isauthorizedresponder/3 in...
Linux Distros Unpatched Vulnerability : CVE-2026-42791
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Certificate Validation vulnerability in Erlang OTP publickey pubkeyocsp module allows forged OCSP responses signed with an expired responder certificat...
DEBIAN-CVE-2026-42791
Improper Certificate Validation vulnerability in Erlang OTP publickey pubkeyocsp module allows forged OCSP responses signed with an expired responder certificate to be accepted as valid. OCSP response verification in pubkeyocsp:verifyresponse/5 and pubkeyocsp:isauthorizedresponder/3 in...
EEF-CVE-2026-42791 OCSP responder certificate validity period not checked in public_key
Summary Improper Certificate Validation vulnerability in Erlang OTP publickey pubkeyocsp module allows forged OCSP responses signed with an expired responder certificate to be accepted as valid. OCSP response verification in pubkeyocsp:verifyresponse/5 and pubkeyocsp:isauthorizedresponder/3 in...
SUSE-SU-2026:0777-1 Security update for cosign
This update for cosign fixes the following issues: Update to version 3.0.5 jscSLE-23879. Security issues fixed: - CVE-2025-11065: github.com/go-viper/mapstructure/v2: sensitive Information leak in logs bsc1250620. - CVE-2025-58181: golang.org/x/crypto/ssh: invalidated number of mechanisms can cau...
SUSE SLED15: MozillaThunderbird / MozillaThunderbird-translations-common / etc (SUSE-SU-2025:4006-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4006-1 advisory. This update for MozillaThunderbird fixes the following issue: Mozilla Thunderbird is updated to...
SUSE-SU-2025:4006-1 Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issue: Mozilla Thunderbird is updated to 140.4. changed: Account Hub is now disabled by default for second email account bmo1992027 changed: Flatpak runtime has been updated to Freedesktop SDK 24.08 bmo1952100 fixed: Users could not read mail...
EUVD-2020-6311
Malware in sbrugna...
EUVD-2002-2104
Malware in sbrugna...
EUVD-2001-0989
Malware in sbrugna...
EUVD-2022-6620
Malicious code in bioql PyPI...
CVE-2023-5342 Shim: expired secure boot certificate
The Fedora Secure Boot CA certificate shipped with shim in Fedora was expired which could lead to old or invalid signed boot components being loaded...
CVE-2023-5342
CVE-2023-5342 affects the Fedora shim’s Secure Boot validation by an expired Fedora Secure Boot CA certificate shipped with shim. Root cause: expiration of the CA cert used to sign boot components, allowing the loading of old/invalid signed boot components. Impact: potential to load outdated or i...
Red Hat Enterprise Linux 安全漏洞
Red Hat Enterprise Linux is a Linux operating system for business users from Red Hat, an American company. A security vulnerability exists in Red Hat Enterprise Linux that stems from an expired certificate that could result in the loading of an invalid boot component...
Security update for gpg2
This update for gpg2 fixes the following issues: gpg: Allow the use of an ADSK subkey as ADSK subkey. bsc1239119 CVE-2025-30258 Don't install expired sks certificate bsc1243069 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
CVE-2002-2125
Internet Explorer 6.0 does not warn users when an expired certificate authority CA certificate is submitted to the user and a newer CA certificate is in the user's local repository, which could allow remote attackers to decrypt web sessions via a man-in-the-middle MITM attack...
Citrix Virtual Apps and Desktops 2402 CU2 expired certificate
Citrix Virtual Apps and Desktops CVAD 2402 LTSR Cumulative Update 2 CU2 2402.0.2100 contains installers and binaries signed with a now-expired code signing certificate. File signatures are considered valid if either: A timestamp was included at the time of signing, or The certificate used for...
UBUNTU-CVE-2025-24807
eprosima Fast DDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group. Prior to versions 2.6.10, 2.10.7, 2.14.5, 3.0.2, 3.1.2, and 3.2.0, per design, PermissionsCA is not full chain validated, nor is the expiration date validated. Access contro...
BIT-NODE-MIN-2021-22939
If the Node.js https API was used incorrectly and "undefined" was in passed for the "rejectUnauthorized" parameter, no error was returned and connections to servers with an expired certificate would have been accepted...
CVE-2024-30149 HCL AppScan Source is affected by an expired TLS/SSL certificate
HCL AppScan Source = 10.6.0 does not properly validate a TLS/SSL certificate for an executable...