17 matches found
EUVD-2006-6451
Malware in sbrugna...
EUVD-2004-0589
Malware in sbrugna...
CVE-2025-55229 Windows Certificate Spoofing Vulnerability
...
CVE-2012-2498
Cisco AnyConnect Secure Mobility Client 3.0 through 3.0.08066 does not ensure that authentication makes use of a legitimate certificate, which allows user-assisted man-in-the-middle attackers to spoof servers via a crafted certificate, aka Bug ID CSCtz29197...
SUSE CVE-2004-0590
FreeS/WAN 1.x and 2.x, and other related products including superfreeswan 1.x, openswan 1.x before 1.0.6, openswan 2.x before 2.1.4, and strongSwan before 2.1.3, allows remote attackers to authenticate using spoofed PKCS7 certificates in which a self-signed certificate identifies an alternate...
SUSE CVE-2014-0092
lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate...
SUSE CVE-2022-26305
An Improper Certificate Validation vulnerability in LibreOffice existed where determining if a macro was signed by a trusted author was done by only matching the serial number and issuer string of the used certificate with that of a trusted certificate. This is not sufficient to verify that the...
Unpatched Systems Vulnerable to Spoofed Linked Certificates in KDC
Windows Server provides Public Key Infrastructure (PKI) technology to enable capabilities such as Encrypting File System (EFS), domain authentication, digital signatures, and email security. Misconfiguration...
Haxx Libcurl Man-in-the-Middle Attack Vulnerability
Haxx Libcurl is a free, open source client-side URL transfer library from the Swedish company Haxx. The library supports FTP, FTPS, TFTP, HTTP and so on. The 'darwinssl_connect_step1' function in the lib/vtls/curl_darwinssl.c file in Haxx libcurl has a security vulnerability, as the program fails t...
CVE-2014-7779
The Kuran'in Bilimsel Mucizeleri aka com.wKurannBilimselMucizeleri application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
PT-2009-4918 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version. Description: The issue is related to an integer overflow in the CryptoAPI component when parsing X.509 certificates with malformed ASN.1 Object Identifiers. This allows man-in-the-middle...
firefox/nss: doesn't handle NULL in Common Name properly
Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to...
CVE-2006-6468
Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 do not check the Fully Qualified Domain Name (FQDN) during a "Validate Repository SSL Certificate" scan, which has unknown impact and attack vectors, possibly related to spoofed...
PT-2005-1107
Name of the Vulnerable Software and Affected Versions: Microsoft Terminal Server using Remote Desktop Protocol (RDP) 5.2. Description: The issue concerns the storage of an RSA private key in mstlsapi.dll, which is used to sign a certificate. This allows remote attackers to spoof public keys of...
CVE-2004-0590
FreeS/WAN 1.x and 2.x, and other related products including superfreeswan 1.x, openswan 1.x before 1.0.6, openswan 2.x before 2.1.4, and strongSwan before 2.1.3, allows remote attackers to authenticate using spoofed PKCS7 certificates in which a self-signed certificate identifies an alternate...