CVE-2025-63729

An issue was discovered in Syrotech SY-GPON-1110-WDONT SYRO3.7L3.1.02-240517 allowing attackers to exctract the SSL Private Key, CA Certificate, SSL Certificate, and Client Certificates in .pem format in firmware in etc folder...

EUVD-2017-0103

Malware in sbrugna...

python-cryptography: NULL-dereference when loading PKCS7 certificates

A null-pointer dereference vulnerability was found in python-cryptography during the loading of PKCS7 certificates. Invoking "loadpempkcs7certificates" or "loadderpkcs7certificates" can trigger this issue and lead to subsequent segmentation fault and result in a Denial of Service DoS for any...

CVE-2023-48223

fast-jwt prior to v3.3.2 contains a publicKeyPemMatcher bug that fails to cover all PEM formats for public keys, enabling an algorithm-confusion attack (HS256 signed with an RSA public key) when RS256 is used and the verifier does not explicitly specify an algorithm. A patch in v3.3.2 fixes this ...

openssl: double free after calling PEM_read_bio_ex

A double-free vulnerability was found in OpenSSL's PEMreadbioex function. The function PEMreadbioex reads a PEM file from a BIO and parses and decodes the "name" for example, "CERTIFICATE", any header data, and the payload data. If the function succeeds, then the "nameout," "header," and "data"...

Baidu Rust SGX SDK 安全漏洞

Baidu Rust SGX SDK is a Rust language development kit for Intel SGX Trusted Computing Platform from Baidu, China. Baidu Rust SGX SDK suffers from a security vulnerability, which originates from a side-channel vulnerability in base64 PEM file decoding in Rust SGX 1.1.3. An attacker can exploit the...

How to Convert PFX Certificate to PEM Format for Use with Citrix ADC

For detailed instructions refer to Citrix Documentation -Converting Certificate from PFX Format to PEM Format...

Security update for mbedtls (important)

This update to mbedtls 1.3.19 fixes security issues and bugs. The following vulnerability was fixed: CVE-2017-2784: A remote user could have used a specially crafted certificate to cause mbedtls to free a buffer allocated on the stack when verifying the validity of public key with a secp224k1...

SAML Raider - SAML2 Burp Extension

SAML Raider is a Burp Suite extension for testing SAML infrastructures. It contains two core functionalities: Manipulating SAML Messages and manage X.509 certificates. This software was created by Roland Bischofberger and Emanuel Duss during a bachelor thesis at the Hochschule für Technik...

openSUSE Security Update : curl (openSUSE-2015-125)

was updated to version 7.40.0 to fix two security issues. These security issues were fixed : - CVE-2014-8150: CRLF injection vulnerability in libcurl 6.0 through 7.x before 7.40.0, when using an HTTP proxy, allowed remote attackers to inject arbitrary HTTP headers and conduct HTTP response...