Lucene search
K

12 matches found

OSV
OSV
added 2026/06/16 3:3 p.m.9 views

GHSA-M557-WRGG-6RP4 phpseclib: X.509 certificate validation sends attacker-controlled outbound requests (server-side request forgery) via Authority Information Access

Summary When an application validates an untrusted X.509 certificate with phpseclib, X509::validateSignature reads a URL out of that certificate's Authority Information Access AIA extension and connects to it. Attacker who supplies certificate fully controls host, port, and path of that connectio...

5.8CVSS5.7AI score
Exploits0References2
OSV
OSV
added 2026/03/03 5:51 p.m.10 views

SUSE-SU-2026:20629-1 Security update for go1.24-openssl

This update for go1.24-openssl fixes the following issues: - Update to version 1.24.13 jscSLE-18320 - CVE-2025-58189: crypto/tls: ALPN negotiation error contains attacker controlled information. bsc1251255 - CVE-2025-61725: net/mail: excessive CPU consumption in ParseAddress. bsc1251253 -...

10CVSS7.9AI score0.01945EPSS
Exploits4References44
SUSE Linux
SUSE Linux
added 2025/10/20 1:12 p.m.5 views

Security update for go1.24

This update for go1.24 fixes the following issues: go1.24.9 released 2025-10-13 includes fixes to the crypto/x509 package. bsc1236217 crypto/x509: TLS validation fails for FQDNs with trailing dot go1.24.8 released 2025-10-07 includes security fixes to the archive/tar, crypto/tls, crypto/x509,...

8.8CVSS6.3AI score0.00626EPSS
Exploits0References42
Vulnrichment
Vulnrichment
added 2025/06/02 4:22 p.m.13 views

CVE-2025-48994 SignXML's signature verification with HMAC is vulnerable to an algorithm confusion attack

SignXML is an implementation of the W3C XML Signature standard in Python. When verifying signatures with X509 certificate validation turned off and HMAC shared secret set signxml.XMLVerifier.verifyrequirex509=False, hmackey=..., versions of SignXML prior to 4.0.4 are vulnerable to a potential...

6.9CVSS6.5AI score0.00192EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/06/02 12:0 a.m.3 views

PT-2025-23537 · Signxml · Signxml

Name of the Vulnerable Software and Affected Versions: SignXML versions prior to 4.0.4 Description: The issue concerns a potential algorithm confusion attack when verifying signatures with X509 certificate validation turned off and HMAC shared secret set. This could allow an attacker to supply a...

6.9CVSS6.2AI score0.00192EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2025/06/02 12:0 a.m.5 views

PT-2025-23540 · Signxml · Signxml

Name of the Vulnerable Software and Affected Versions: SignXML versions prior to 4.0.4 Description: The issue concerns a potential timing attack when verifying signatures with X509 certificate validation turned off and HMAC shared secret set. This could allow users to reconstruct the correct HMAC...

6.9CVSS5.9AI score0.00199EPSS
Exploits0References12
Cvelist
Cvelist
added 2023/11/14 11:3 a.m.28 views

CVE-2023-44317

A vulnerability has been identified in RUGGEDCOM RM1224 LTE4G EU 6GK6108-4AM00-2BA2 All versions V7.2.2, RUGGEDCOM RM1224 LTE4G NAM 6GK6108-4AM00-2DA2 All versions V7.2.2, SCALANCE M804PB 6GK5804-0AP00-2AA2 All versions V7.2.2, SCALANCE M812-1 ADSL-Router 6GK5812-1AA00-2AA2 All versions V7.2.2,...

8.6CVSS7.5AI score0.00376EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2018/01/10 12:0 a.m.44 views

Security Update for .NET Core (January 2018) (macOS)

The Microsoft .NET Core runtime installed on the remote macOS or Mac OS X host is missing a security update. It is, therefore, affected by multiple vulnerabilities : - A security feature bypass in X509 Certificate Validation allows an attacker to present a certificate that is marked as invalid fo...

7.5CVSS7.1AI score0.08885EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2015/11/24 12:0 a.m.25 views

Oracle Linux 7 : squid (ELSA-2015-2378)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2015-2378 advisory. - Resolves: 1233265 - CVE-2015-3455 squid: incorrect X509 server certificate validation Tenable has extracted the preceding description block directly from the...

2.6CVSS7.5AI score0.11402EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2014/03/12 12:0 a.m.25 views

SuSE Update for gnutls openSUSE-SU-2014:0325-1 (gnutls)

Check for the Version of gnutls OpenVAS Vulnerability Test $Id: gbsuse201403251.nasl 8044 2017-12-08 08:32:49Z santu $ SuSE Update for gnutls openSUSE-SU-2014:0325-1 gnutls Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program i...

5.8CVSS6.8AI score0.29958EPSS
Exploits1References1
Oracle linux
Oracle linux
added 2013/01/11 12:0 a.m.45 views

freeradius2 security and bug fix update

2.1.12-5 - resolves: bug855308 CVE-2012-3547 freeradius: Stack-based buffer overflow by processing certain expiration date fields of a certificate during x509 certificate validation...

6.8CVSS3AI score0.0565EPSS
Exploits0
Oracle linux
Oracle linux
added 2012/10/02 12:0 a.m.44 views

freeradius security update

2.1.12-4 - resolves: bug855316 CVE-2012-3547 freeradius: Stack-based buffer overflow by processing certain expiration date fields of a certificate during x509 certificate validation...

6.8CVSS3.1AI score0.0565EPSS
Exploits0
Rows per page
Query Builder