Lucene search
K

18 matches found

Tenable Nessus
Tenable Nessus
added 6 days ago9 views

Linux Distros Unpatched Vulnerability : CVE-2026-12340

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out-of-bounds heap read during SM2/SM3 certificate signature verification. When parsing a certificate with an SM3wSM2 signature, the Subject Key Identifier...

7.5CVSS5.9AI score0.00226EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.10 views

PT-2026-52572

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An issue exists where an un-negotiated Raw Public Key RPK, as defined in RFC 7250, is accepted instead of an X.509 certificate, allowing the bypass of chain...

8.2CVSS5.7AI score0.00145EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.20 views

Erlang/OTP 17.0 < 26.2.5.21 / 27.0 < 27.3.4.12 / 28.0 < 28.5.0.1 / 29.0 < 29.0.1 Certificate Chain Forgery (CVE-2026-42789)

The version of Erlang/OTP installed on the remote host is 17.0 prior to 26.2.5.21, 27.0 prior to 27.3.4.12, 28.0 prior to 28.5.0.1, or 29.0 prior to 29.0.1. It is, therefore, affected by a vulnerability: - Improper Following of a Certificate's Chain of Trust vulnerability in Erlang OTP publickey...

8CVSS5.5AI score0.00322EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/27 3:9 p.m.11 views

EUVD-2026-32558

Improper Certificate Validation vulnerability in Erlang OTP publickey pubkeycert and publickey modules allows a DNS nameConstraints bypass via subject CommonName fallback in TLS hostname verification. Two flaws combine to allow a subordinate CA whose DNS nameConstraints are restricted e.g...

7.6CVSS5.8AI score0.00338EPSS
Exploits0References7
EUVD
EUVD
added 2026/04/22 6:30 a.m.8 views

EUVD-2026-24609

Vulnerability in Spring Spring Security. SubjectX500PrincipalExtractor does not correctly handle certain malformed X.509 certificate CN values, which can lead to reading the wrong value for the username. In a carefully crafted certificate, this can lead to an attacker impersonating another user...

6.8CVSS5.8AI score0.00296EPSS
Exploits0References2
OSV
OSV
added 2026/04/07 10:16 p.m.6 views

ALPINE-CVE-2026-31789

Issue summary: Converting an excessively large OCTET STRING value to a hexadecimal string leads to a heap buffer overflow on 32 bit platforms. Impact summary: A heap buffer overflow may lead to a crash or possibly an attacker controlled code execution or other undefined behavior. If an attacker c...

9.8CVSS6.4AI score0.00225EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 8 : nodejs:16 (AXSA:2023-6328:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6328:01 advisory. nodejs: mainModule.proto bypass experimental policy mechanism CVE-2023-30581 nodejs: process interuption due to invalid Public Key information in x5...

7.5CVSS5.7AI score0.03906EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2021-28011

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.0066EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2025/02/13 8:0 a.m.4 views

Usage of IPv6 zone IDs can bypass URI name constraints in crypto/x509

...

6.1CVSS6.7AI score0.00458EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2025/02/13 12:20 a.m.3 views

SUSE CVE-2025-24032

PAM-PKCS11 is a Linux-PAM login module that allows a X.509 certificate based user login. Prior to version 0.6.13, if certpolicy is set to none the default value, then pampkcs11 will only check if the user is capable of logging into the token. An attacker may create a different token with the user...

6.9CVSS6.8AI score0.00677EPSS
Exploits0References7
CNNVD
CNNVD
added 2022/05/06 12:0 a.m.5 views

XWiki 加密问题漏洞

Xwiki Platform is a set of wiki platforms for creating web collaboration applications from the French company Xwiki. security vulnerabilities exist in versions of XWiki prior to 13.10.6, 14.3.1 and 14.4-rc-1. X509 certificate with RSA, there is a risk of conflict with SHA1. No details of the...

9.8CVSS8.3AI score0.00385EPSS
Exploits0References4
NVD
NVD
added 2022/01/21 4:15 p.m.10 views

CVE-2021-40855

The EU Technical Specifications for Digital COVID Certificates before 1.1 mishandle certificate governance. A non-production public key certificate could have been used in production...

9.8CVSS0.0066EPSS
Exploits0References2
Prion
Prion
added 2022/01/21 4:15 p.m.17 views

Code injection

The EU Technical Specifications for Digital COVID Certificates before 1.1 mishandle certificate governance. A non-production public key certificate could have been used in production...

7.5CVSS9.4AI score0.0066EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2019/05/21 12:0 a.m.4 views

PT-2019-2636 · Jenkins · Jenkins Credentials Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Credentials Plugin versions 2.1.18 and earlier Description: The issue allows users with permission to create or update credentials to confirm the existence of files on the Jenkins master with an attacker-specified path and obtain the...

4.3CVSS4.8AI score0.00969EPSS
Exploits0References14
Check Point Advisories
Check Point Advisories
added 2017/07/17 12:0 a.m.8 views

strongSwan x509 Plugin Denial of Service (CVE-2017-9023)

A denial-of-service vulnerability exists in strongSwan. The vulnerability is due to improper parsing of various X.509 certificate extensions using ASN.1 CHOICE and SEQUENCE types within the X.509 and ASN.1 parsers. A remote attacker can exploit this vulnerability by sending a crafted public key...

4.3CVSS4.6AI score0.02222EPSS
Exploits0
CNVD
CNVD
added 2016/07/06 12:0 a.m.44 views

Apache HTTPD Information Disclosure Vulnerability

Apache HTTP Server is an open source web server from the Apache Software Foundation. Apache HTTPD Web Server 2.4.18-2.4.20 fails to properly validate X509 client certificates for resource access over HTTP/2. This could allow third parties to access web server resources without credentials, leadin...

7.5CVSS9.3AI score0.18802EPSS
Exploits0References1
OSV
OSV
added 2016/03/13 6:59 p.m.1 views

DEBIAN-CVE-2016-1950

Heap-based buffer overflow in Mozilla Network Security Services NSS before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code via crafted ASN.1 data in an X.509 certificate...

8.8CVSS9.6AI score0.04192EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2010/03/29 12:0 p.m.15 views

sendmail: incorrect verification of SSL certificate with NUL in name

sendmail before 8.14.4 does not properly handle a '\0' character in a Common Name CN field of an X.509 certificate, which 1 allows man-in-the-middle attackers to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate Certification Authority, and 2 allows...

7.5CVSS7AI score0.02374EPSS
Exploits1References4
Rows per page
Query Builder