2003 matches found

Cvelist
added 2023/06/02 12:0 a.m. · 16 views

CVE-2023-0430

Certificate OCSP revocation status was not checked when verifying S/MIME signatures. Mail signed with a revoked certificate would be displayed as having a valid signature. Thunderbird versions from 68 to 102.7.0 were affected by this bug. This vulnerability affects Thunderbird 102.7.1...

AI score 6.5 · EPSS 0.00088
Exploits 0 · References 2
CVE
added 2023/06/02 12:0 a.m. · 171 views

CVE-2023-0547

CVE-2023-0547 affects Mozilla Thunderbird (68–102.9.1); OCSP revocation status for S/MIME recipient certificates was not checked, allowing revoked certs to be accepted. Multiple connected advisories confirm Thunderbird versions up to 102.9.1 are impacted. Remediation: upgrade Thunderbird to 102.1...

CVSS 6.5 · AI score 6.8 · EPSS 0.00163
Exploits 0 · References 2 · Affected Software 1
Vulnrichment
added 2023/06/02 12:0 a.m. · 3 views

CVE-2023-0430

Certificate OCSP revocation status was not checked when verifying S/MIME signatures. Mail signed with a revoked certificate would be displayed as having a valid signature. Thunderbird versions from 68 to 102.7.0 were affected by this bug. This vulnerability affects Thunderbird 102.7.1...

AI score 6.3 · EPSS 0.00088
Exploits 0 · References 2
Cvelist
added 2023/06/02 12:0 a.m. · 18 views

CVE-2023-0547

OCSP revocation status of recipient certificates was not checked when sending S/MIME encrypted email, and revoked certificates would be accepted. Thunderbird versions from 68 to 102.9.1 were affected by this bug. This vulnerability affects Thunderbird 102.10...

AI score 7.2 · EPSS 0.00163
Exploits 0 · References 2
Vulnrichment
added 2023/06/02 12:0 a.m. · 8 views

CVE-2023-0547

OCSP revocation status of recipient certificates was not checked when sending S/MIME encrypted email, and revoked certificates would be accepted. Thunderbird versions from 68 to 102.9.1 were affected by this bug. This vulnerability affects Thunderbird 102.10...

AI score 6.8 · EPSS 0.00163
Exploits 0 · References 2
Debian CVE
added 2023/06/02 12:0 a.m. · 18 views

CVE-2023-0547

OCSP revocation status of recipient certificates was not checked when sending S/MIME encrypted email, and revoked certificates would be accepted. Thunderbird versions from 68 to 102.9.1 were affected by this bug. This vulnerability affects Thunderbird 102.10...

CVSS 6.5 · AI score 7.3 · EPSS 0.00163
Exploits 0
CVE
added 2023/06/02 12:0 a.m. · 224 views

CVE-2023-0430

CVE-2023-0430 affects Thunderbird (68–102.7.0) where the OCSP revocation status of S/MIME certificates was not checked during signature verification, causing mail signed with a revoked certificate to appear valid. Public references in the provided documents confirm Thunderbird

CVSS 6.5 · AI score 5.8 · EPSS 0.00088
Exploits 0 · References 2 · Affected Software 1
BDU FSTEC
added 2023/05/19 12:0 a.m. · 2 views

The vulnerability of the Windows operating system’s Revocation List driver allows a hacker to circumvent existing security restrictions.

The vulnerability of the Windows operating system’s Revocation List driver is related to security configuration errors. Exploiting this vulnerability could allow a hacker to circumvent existing security restrictions...

CVSS 6.1 · AI score 6.6 · EPSS 0.00834
Exploits 0 · References 4
RedHat Linux
added 2023/05/16 8:49 a.m. · 2 views

openssl: X.400 address type confusion in X.509 GeneralName

A type confusion vulnerability was found in OpenSSL when OpenSSL processes X.400 addresses inside an X.509 GeneralName. When CRL checking is enabled (for example, the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call,...

CVSS 7.4 · AI score 6.8 · EPSS 0.88334
Exploits 0 · References 5
OSV
added 2023/05/11 8:48 p.m. · 0 views

GHSA-JJGP-WHRP-GQ8M in-toto: PGP trust model not (fully) considered

Impact: This security advisory lists multiple concerns about how in-toto uses PGP keys. The findings are aggregated here, because they are all eligible to the same mitigation strategy. Note that the findings are rated with different severities see inline and the highest score was chosen for this...

AI score 5.8
Exploits 0 · References 4
Github Security Blog
added 2023/05/11 8:48 p.m. · 10 views

in-toto: PGP trust model not (fully) considered

Impact: This security advisory lists multiple concerns about how in-toto uses PGP keys. The findings are aggregated here, because they are all eligible to the same mitigation strategy. Note that the findings are rated with different severities see inline and the highest score was chosen for this...

AI score 6.7
Exploits 0 · References 4 · Affected Software 1
Positive Technologies
added 2023/05/11 12:0 a.m. · 2 views

PT-2023-33040 · Gnupg +1

Name of the Vulnerable Software and Affected Versions: in-toto (affected versions not specified). Description: The issue concerns how in-toto uses PGP keys, specifically with regards to the validation of key creation time, consideration of key revocation, and checking of key usage flags. An attacker...

AI score 7.1
Exploits 0 · References 5
NVD
added 2023/05/09 6:15 p.m. · 19 views

CVE-2023-28251

Windows Driver Revocation List Security Feature Bypass Vulnerability...

CVSS 5.5 · AI score 7.3 · EPSS 0.00834
Exploits 0 · References 1
OSV
added 2023/05/09 6:15 p.m. · 2 views

CVE-2023-28251

Windows Driver Revocation List Security Feature Bypass Vulnerability...

CVSS 5.5 · AI score 6.7 · EPSS 0.00834
Exploits 0 · References 1
Prion
added 2023/05/09 6:15 p.m. · 15 views

Security feature bypass

Windows Driver Revocation List Security Feature Bypass Vulnerability...

CVSS 1.7 · AI score 6.2 · EPSS 0.00834
Exploits 0 · References 1 · Affected Software 10
Cvelist
added 2023/05/09 5:3 p.m. · 24 views

CVE-2023-28251 Windows Driver Revocation List Security Feature Bypass Vulnerability

...

CVSS 5.5 · AI score 7.6 · EPSS 0.00834
Exploits 0 · References 1
CVE
added 2023/05/09 5:3 p.m. · 167 views

CVE-2023-28251

CVE-2023-28251 is described as a Windows Driver Revocation List Security Feature Bypass vulnerability. The consolidated data shows a CVSSv3.1 base score of 5.5 (Medium) with a Local attack vector, Low attack complexity, Low privileges required, no user interaction, and Confidentiality Impact None...

CVSS 5.5 · AI score 5.7 · EPSS 0.00834
Exploits 0 · References 1 · Affected Software 12
Vulnrichment
added 2023/05/09 5:3 p.m. · 16 views

CVE-2023-28251 Windows Driver Revocation List Security Feature Bypass Vulnerability

...

CVSS 5.5 · AI score 7.2 · EPSS 0.00834
Exploits 0 · References 1
RedHat Linux
added 2023/05/09 9:50 a.m. · 2 views

openssl: X.400 address type confusion in X.509 GeneralName

A type confusion vulnerability was found in OpenSSL when OpenSSL processes X.400 addresses inside an X.509 GeneralName. When CRL checking is enabled (for example, the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call,...

CVSS 7.4 · AI score 6.8 · EPSS 0.88334
Exploits 0 · References 5
Microsoft CVE
added 2023/05/09 7:0 a.m. · 35 views

Windows Driver Revocation List Security Feature Bypass Vulnerability

...

CVSS 5.5 · AI score 7.7 · EPSS 0.00834
Exploits 0