Lucene search
K

168 matches found

ATTACKERKB
ATTACKERKB
added 2026/07/01 2:52 p.m.11 views

CVE-2026-8480

A vulnerability was discovered on Stormshield Network Security 4.3.0 to 4.3.41 included, 4.4.0 to 4.8.15 included , 5.0.2 EA to 5.0.5 included A revoked client certificate can still be used to authenticate to the captive‑admin portal, allowing an attacker who possesses the revoked certificate to...

4.3CVSS5.8AI score0.00087EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 2026/06/16 4:53 p.m.15 views

gnutls: gnutls: Security bypass allows acceptance of revoked server certificates via crafted OCSP response

A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted Online Certificate Status Protocol OCSP response during a TLS handshake. Due to a logic error in how gnutls processes multi-record OCSP responses, a client with OCSP verification enabl...

3.7CVSS5.4AI score0.0072EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/06/10 8:59 a.m.16 views

CVE-2026-6899

Check for certificate revocation only considers the first matching CRL and ignores other valid CRLs of the same CA in the CycloneCrypto cryptographic wrapper of S2OPC library. It might allow connection between an OPC UA client and server using a revoked certificate...

5.6CVSS5.5AI score0.00108EPSS
Exploits0References1
NVD
NVD
added 2026/06/09 9:16 a.m.10 views

CVE-2026-6899

Check for certificate revocation only considers the first matching CRL and ignores other valid CRLs of the same CA in the CycloneCrypto cryptographic wrapper of S2OPC library. It might allow connection between an OPC UA client and server using a revoked certificate...

5.6CVSS0.00108EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/09 8:39 a.m.11 views

CVE-2026-6899 Improper Check for Certificate Revocation in S2OPC

Check for certificate revocation only considers the first matching CRL and ignores other valid CRLs of the same CA in the CycloneCrypto cryptographic wrapper of S2OPC library. It might allow connection between an OPC UA client and server using a revoked certificate...

5.6CVSS5.5AI score0.00108EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/05/26 6:51 a.m.12 views

gnutls: gnutls: Security bypass allows acceptance of revoked server certificates via crafted OCSP response

A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted Online Certificate Status Protocol OCSP response during a TLS handshake. Due to a logic error in how gnutls processes multi-record OCSP responses, a client with OCSP verification enabl...

3.7CVSS5.8AI score0.0072EPSS
Exploits1References5
OSV
OSV
added 2026/05/19 5:20 p.m.7 views

OPENSUSE-SU-2026:20784-1 Security update for nginx

This update for nginx fixes the following issues: - CVE-2026-1642: plain text data injection into the response from an upstream proxied server bsc1257675. - CVE-2026-27654: buffer overflow in the NGINX worker process via the ngxhttpdavmodule module bsc1260416. - CVE-2026-27784: NGINX worker memor...

8.8CVSS7.7AI score0.21621EPSS
Exploits0References10
OSV
OSV
added 2026/05/19 5:20 p.m.10 views

SUSE-SU-2026:21823-1 Security update for nginx

This update for nginx fixes the following issues: - CVE-2026-1642: plain text data injection into the response from an upstream proxied server bsc1257675. - CVE-2026-27654: buffer overflow in the NGINX worker process via the ngxhttpdavmodule module bsc1260416. - CVE-2026-27784: NGINX worker memor...

8.8CVSS7.7AI score0.21621EPSS
Exploits0References11
Microsoft CVE
Microsoft CVE
added 2026/05/07 8:11 a.m.10 views

Gnutls: gnutls: security bypass allows acceptance of revoked server certificates via crafted ocsp response

...

3.7CVSS5.8AI score0.0072EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2026/05/01 2:12 a.m.9 views

SUSE CVE-2026-3832

A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted Online Certificate Status Protocol OCSP response during a TLS handshake. Due to a logic error in how gnutls processes multi-record OCSP responses, a client with OCSP verification enabl...

3.7CVSS5.5AI score0.0072EPSS
Exploits1References7
Cvelist
Cvelist
added 2026/04/30 5:41 p.m.40 views

CVE-2026-3832 Gnutls: gnutls: security bypass allows acceptance of revoked server certificates via crafted ocsp response

A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted Online Certificate Status Protocol OCSP response during a TLS handshake. Due to a logic error in how gnutls processes multi-record OCSP responses, a client with OCSP verification enabl...

3.7CVSS0.0072EPSS
Exploits1References9
Snyk
Snyk
added 2026/04/30 5:29 p.m.5 views

Incorrect Behavior Order: Early Validation

Overview Affected versions of this package are vulnerable to Incorrect Behavior Order: Early Validation in the OCSP stapling process. An attacker can cause a client to accept a revoked server certificate by presenting a specially crafted multi-record OCSP response during a TLS handshake...

6.3CVSS5.8AI score0.0072EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/04/30 12:0 a.m.9 views

GnuTLS 安全漏洞

GnuTLS is an open-source, free security communication library developed by GnuTLS. GnuTLS has a security vulnerability that stems from a logical error in handling multi-record OCSP responses. This vulnerability could allow remote attackers to cause clients to incorrectly accept revoked server...

3.7CVSS5.8AI score0.0072EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/04/28 12:0 a.m.102 views

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : nginx vulnerabilities (USN-8210-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8210-1 advisory. It was discovered that the nginx ngxmailauthhttpmodule module incorrectly handled certain requests. An attacker could possibly use th...

8.8CVSS9.2AI score0.21621EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/04/09 12:0 a.m.6 views

Apache Tomcat和Apache Tomcat Native 安全漏洞

Apache Tomcat is the United States Apache Apache Foundation of a lightweight Web application server for the implementation of Servlet and JavaServer Page JSP support. Apache Tomcat client certificate has a validation flaw vulnerability, the vulnerability is due to allow revoked certificate/test...

9.1CVSS5.8AI score0.00715EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/04/08 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-32144

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Certificate Validation vulnerability in Erlang OTP publickey pubkeyocsp module allows OCSP designated-responder authorization bypass via missing...

7.6CVSS5.8AI score0.002EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/04/07 6:35 p.m.3 views

CVE-2026-32144

A flaw was found in Erlang OTP publickey. This improper certificate validation vulnerability allows a remote attacker to bypass Online Certificate Status Protocol OCSP designated-responder authorization. The vulnerability stems from missing signature verification during OCSP response validation,...

7.6CVSS5.8AI score0.002EPSS
Exploits0References9
OSV
OSV
added 2026/04/07 1:16 p.m.2 views

UBUNTU-CVE-2026-32144

Improper Certificate Validation vulnerability in Erlang OTP publickey pubkeyocsp module allows OCSP designated-responder authorization bypass via missing signature verification. The OCSP response validation in publickey:pkixocspvalidate/5 does not verify that a CA-designated responder certificate...

7.6CVSS5.8AI score0.002EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2026/04/07 12:28 p.m.4 views

CVE-2026-32144

Improper Certificate Validation vulnerability in Erlang OTP publickey pubkeyocsp module allows OCSP designated-responder authorization bypass via missing signature verification. The OCSP response validation in publickey:pkixocspvalidate/5 does not verify that a CA-designated responder certificate...

7.6CVSS5.9AI score0.002EPSS
Exploits0References7Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/07 12:28 p.m.3 views

CVE-2026-32144 OCSP designated-responder authorization bypass via missing signature verification

Improper Certificate Validation vulnerability in Erlang OTP publickey pubkeyocsp module allows OCSP designated-responder authorization bypass via missing signature verification. The OCSP response validation in publickey:pkixocspvalidate/5 does not verify that a CA-designated responder certificate...

7.6CVSS5.9AI score0.002EPSS
Exploits0References6
Rows per page
Query Builder