229 matches found

OSV
added 2024/10/18 8:15 a.m. · views: 1

CVE-2023-6055

A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software fails to properly validate website certificates. Specifically, if a site certificate lacks the "Server Authentication" specification in the Extended Key Usage extension, the product...

CVSS 7.4 · AI score 5.5 · EPSS 0.00237
Exploits: 0 · References: 1

Vulnrichment
added 2024/10/18 7:17 a.m. · views: 12

CVE-2023-6055 Improper Certificate Validation in Bitdefender Total Security HTTPS Scanning (VA-11158)

A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software fails to properly validate website certificates. Specifically, if a site certificate lacks the "Server Authentication" specification in the Extended Key Usage extension, the product...

CVSS 8.6 · AI score 6.6 · EPSS 0.00237
Exploits: 0 · References: 1

OSV
added 2024/09/05 7:15 p.m. · views: 2

ALPINE-CVE-2024-45159

An issue was discovered in Mbed TLS 3.x before 3.6.1. With TLS 1.3, when a server enables optional authentication of the client, if the client-provided certificate does not have appropriate values in keyUsage or extKeyUsage extensions, then the return value of mbedtls_ssl_get_verify_result() would...

CVSS 9.8 · AI score 7.2 · EPSS 0.00575
Exploits: 0 · References: 1

OSV
added 2024/09/05 7:15 p.m. · views: 0

UBUNTU-CVE-2024-45159

An issue was discovered in Mbed TLS 3.x before 3.6.1. With TLS 1.3, when a server enables optional authentication of the client, if the client-provided certificate does not have appropriate values in keyUsage or extKeyUsage extensions, then the return value of mbedtls_ssl_get_verify_result() would...

CVSS 9.8 · AI score 5.8 · EPSS 0.00575
Exploits: 0 · References: 5

Positive Technologies
added 2024/09/05 12:00 a.m. · views: 3

PT-2024-31443 · Mbed Tls +1

Name of the Vulnerable Software and Affected Versions: Mbed TLS versions 3.x before 3.6.1
Description: An issue was discovered in Mbed TLS with TLS 1.3, when a server enables optional authentication of the client. If the client-provided certificate does not have appropriate values in keyUsage or...

CVSS 9.8 · AI score 6.3 · EPSS 0.09273
Exploits: 2 · References: 30

Veracode
added 2024/08/27 8:23 p.m. · views: 5

Buffer Overflow

Fort is vulnerable to Buffer Overflow. The vulnerability arises because a malicious RPKI repository that descends from a trusted Trust Anchor can serve, via rsync or RRDP, a resource certificate containing a Key Usage extension composed of more than two bytes of data. Fort writes this string into...

CVSS 9.8 · AI score 6.8 · EPSS 0.00323
Exploits: 0 · References: 2 · Affected Software: 1

NVD
added 2024/08/24 11:15 p.m. · views: 18

CVE-2024-45237

An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a trusted Trust Anchor can serve via rsync or RRDP a resource certificate containing a Key Usage extension composed of more than two bytes of data. Fort writes this string into a 2-byte buffer without...

CVSS 9.8 · EPSS 0.00323
Exploits: 0 · References: 2

OSV
added 2024/08/24 11:15 p.m. · views: 1

DEBIAN-CVE-2024-45237

An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a trusted Trust Anchor can serve via rsync or RRDP a resource certificate containing a Key Usage extension composed of more than two bytes of data. Fort writes this string into a 2-byte buffer without...

CVSS 9.8 · AI score 5.8 · EPSS 0.00323
Exploits: 0 · References: 1

OSV
added 2024/08/24 11:15 p.m. · views: 10

CVE-2024-45237

An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a trusted Trust Anchor can serve via rsync or RRDP a resource certificate containing a Key Usage extension composed of more than two bytes of data. Fort writes this string into a 2-byte buffer without...

CVSS 9.8 · AI score 6.9
Exploits: 0 · References: 2

OSV
added 2024/08/24 11:15 p.m. · views: 0

UBUNTU-CVE-2024-45237

An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a trusted Trust Anchor can serve via rsync or RRDP a resource certificate containing a Key Usage extension composed of more than two bytes of data. Fort writes this string into a 2-byte buffer without...

CVSS 9.8 · AI score 6.2 · EPSS 0.00323
Exploits: 0 · References: 4

Positive Technologies
added 2024/08/24 12:00 a.m. · views: 2

PT-2024-9114

Name of the Vulnerable Software and Affected Versions: Fort versions prior to 1.6.3
Description: The issue is related to a buffer overflow in the stack due to improper sanitization of the length of a Key Usage extension in a resource certificate served by a malicious RPKI repository. This can all...

CVSS 10 · AI score 7.7 · EPSS 0.0077
Exploits: 0 · References: 36

NVD
added 2024/08/13 5:15 p.m. · views: 12

CVE-2024-21981

Improper key usage control in AMD Secure Processor ASP may allow an attacker with local access who has gained arbitrary code execution privilege in ASP to extract ASP cryptographic keys, potentially resulting in loss of confidentiality and integrity...

CVSS 5.7 · EPSS 0.00051
Exploits: 0 · References: 1

Vulnrichment
added 2024/08/13 4:54 p.m. · views: 11

CVE-2024-21981

Improper key usage control in AMD Secure Processor ASP may allow an attacker with local access who has gained arbitrary code execution privilege in ASP to extract ASP cryptographic keys, potentially resulting in loss of confidentiality and integrity...

CVSS 5.7 · AI score 6.9 · EPSS 0.00051
Exploits: 0 · References: 1

CVE
added 2024/08/13 4:54 p.m. · views: 61

CVE-2024-21981

CVE-2024-21981 – AMD Secure Processor (ASP) concerns an improper key usage control in ASP. An attacker with local access and arbitrary code execution in ASP could extract ASP cryptographic keys, threatening confidentiality and integrity. Connected AMD advisories list affected ASP/PSP components a...

CVSS 5.7 · AI score 7 · EPSS 0.00051
Exploits: 0 · References: 1

Cvelist
added 2024/08/13 4:54 p.m. · views: 16

CVE-2024-21981

Improper key usage control in AMD Secure Processor ASP may allow an attacker with local access who has gained arbitrary code execution privilege in ASP to extract ASP cryptographic keys, potentially resulting in loss of confidentiality and integrity...

CVSS 5.7 · EPSS 0.00051
Exploits: 0 · References: 1

Veeam
added 2024/02/05 12:00 a.m. · views: 70

Browser-based Application's Page Fails to Load With: ERR_SSL_KEY_USAGE_INCOMPATIBLE

Article Applicability: The error discussed in this article is caused by a misconfiguration of the website's certificate. Specifically, the ERR_SSL_KEY_USAGE_INCOMPATIBLE error occurs when the certificate used by a website has a KeyUsage value defined, but it does not include "Digital Signature" and...

AI score 6.5
Exploits: 0

CNNVD
added 2023/11/17 12:00 a.m. · views: 3

openNDS Security Vulnerabilities

openNDS is a high-performance, small-footprint open source portal system from openNDS. A security vulnerability exists in versions prior to openNDS 10.1.2 that originates from allowing a user to skip the startup page sequence when the default FAS key is used and openNDS is configured for FAS...

CVSS 5.3 · AI score 6.7 · EPSS 0.00558
Exploits: 0 · References: 8

OSV
added 2023/09/21 3:30 p.m. · views: 2

GHSA-HX74-4WMC-FWVF Duplicate Advisory: EVE Has Partially Predetermined Vault Key

Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-wc42-fcjp-v8vq. This link is maintained to preserve external references.
Original Description: Due to the implementation of "deriveVaultKey", prior to version 7.10, the generated vault key would always have the...

CVSS 7.8 · AI score 5.4 · EPSS 0.00027
Exploits: 0 · References: 3

NVD
added 2023/09/21 2:15 p.m. · views: 13

CVE-2023-43637

Due to the implementation of "deriveVaultKey", prior to version 7.10, the generated vault key would always have the last 16 bytes predetermined to be "arfoobarfoobarfo". This issue happens because "deriveVaultKey" calls "retrieveCloudKey" which will always return "foobarfoobarfoobarfoobarfoobarfo...

CVSS 7.8 · AI score 7.7 · EPSS 0.00027
Exploits: 0 · References: 1

CNNVD
added 2023/08/09 12:00 a.m. · views: 4

uthenticode security breach

uthenticode is a small cross-platform open source library from Trail of Bits, used to partially verify Authenticode digital signatures. A security vulnerability exists in versions prior to uthenticode 2.0.0; the vulnerability stems from not checking the extended key usage in the certificate,...

CVSS 7.5 · AI score 7 · EPSS 0.00057
Exploits: 0 · References: 4