
11 matches found

RedhatCVE
added 2025/08/22 5:32 p.m., 3 views

CVE-2025-6182

The StrongDM Windows service incorrectly handled communication related to system certificate management. Attackers could exploit this behavior to install untrusted root certificates or remove trusted ones...

8.5 CVSS, 6.5 AI score, 0.00019 EPSS
Exploits: 0, References: 1

NVD
added 2025/08/20 5:15 p.m., 2 views

CVE-2025-6182

The StrongDM Windows service incorrectly handled communication related to system certificate management. Attackers could exploit this behavior to install untrusted root certificates or remove trusted ones...

8.5 CVSS, 0.00019 EPSS
Exploits: 0, References: 1

CVE
added 2025/08/20 4:44 p.m., 10 views

CVE-2025-6182

The CVE-2025-6182 issue affects the StrongDM Windows service and stems from improper handling of communications related to system certificate management. It could allow installing untrusted root certificates or removing trusted ones, compromising the host's certificate trust store. Exploitation d...

8.5 CVSS, 6.6 AI score, 0.00019 EPSS
Exploits: 0, References: 1

Cvelist
added 2025/08/20 4:44 p.m., 6 views

CVE-2025-6182 Root Certificate Injection

The StrongDM Windows service incorrectly handled communication related to system certificate management. Attackers could exploit this behavior to install untrusted root certificates or remove trusted ones...

8.5 CVSS, 0.00019 EPSS
Exploits: 0, References: 1

CNNVD
added 2025/08/20 12:0 a.m., 1 views

StrongDM Client Security Vulnerability

StrongDM Client is a client software from StrongDM, Inc. A security vulnerability exists in StrongDM Client that stems from improper handling of system certificate management communications that could result in the installation of an untrusted root certificate or the removal of a trusted...

8.5 CVSS, 6.8 AI score, 0.00019 EPSS
Exploits: 0, References: 2

RedhatCVE
added 2025/05/22 3:3 a.m., 5 views

CVE-2011-0214

CFNetwork in Apple Safari before 5.0.6 on Windows does not properly handle an untrusted attribute of a system root certificate, which allows remote web servers to bypass intended SSL restrictions via a certificate signed by a blacklisted certification authority...

5 CVSS, 6.5 AI score, 0.00105 EPSS
Exploits: 0, References: 1

Tenable Nessus
added 2024/07/26 12:0 a.m., 349 views

Python Library Certifi < 2024.07.04 Untrusted Root Certificate

The detected version of Certifi python package, certifi, is prior to version 2024.07.04. Therefore, it contains untrusted root certificates from GLOBALTRUST. An unauthenticated, remote attacker can exploit this to gain arbitrary permissions within the application. Note that Nessus has not tested...

7.5 CVSS, 6.9 AI score, 0.26297 EPSS
Exploits: 0, References: 2

IBM Security Bulletins
added 2023/12/21 5:30 p.m., 38 views

Security Bulletin: IBM Storage Fusion HCI may be vulnerable to untrusted root certificates due Python Certifi (CVE-2022-23491, CVE-2023-37920)

Summary The Python Certifi package is present during IBM Storage Fusion HCI's deployment for TLS certificate validation. Vulnerabilities in this library could lead to the use of untrusted root certificates. Vulnerability Details CVEID:CVE-2022-23491 DESCRIPTION: An unspecified error in with...

9.8 CVSS, 8 AI score, 0.00119 EPSS
Exploits: 0, Affected Software: 1

CNVD
added 2017/10/20 12:0 a.m., 2 views

Google Golang Go Certificate Validation Vulnerability

Google Golang Go is a programming language optimized for programming applications on multiprocessor systems by Google. A security vulnerability exists in Google Golang Go versions 1.7.3 and 1.6.3. A remote attacker can exploit this vulnerability to authenticate a connection with the help of...

7.5 CVSS, 6.1 AI score, 0.00177 EPSS
Exploits: 0, References: 1

OSV
added 2017/10/05 1:29 a.m., 3 views

AZL-79076 CVE-2017-1000097 affecting package golang 1.25.7-1

On Darwin, user's trust preferences for root certificates were not honored. If the user had a root certificate loaded in their Keychain that was explicitly not trusted, a Go program would still verify a connection using that root certificate...

7.5 CVSS, 6.5 AI score, 0.00177 EPSS
Exploits: 0, References: 1

Tenable Nessus
added 2012/06/11 12:0 a.m., 56 views

VMSA-2012-0009 : ESXi and ESX patches address critical security issues (uncredentialed check)

The remote VMware ESX/ESXi host is affected by the following security vulnerabilities : - ESX NFS traffic parsing vulnerability: Due to a flaw in the handling of NFS traffic, it is possible to overwrite memory. This vulnerability may allow a user with access to the network to execute code on the...

9.9 CVSS, 8.4 AI score, 0.02137 EPSS
Exploits: 1, References: 5