Lucene search
K

22 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-55599

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - phpseclib is a PHP secure communications library. From 0.1.1 until 1.0.30, 2.0.55, and 3.0.54, when an application validates an untrusted X.509 certificate with...

5.8CVSS6AI score0.00133EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/06/22 8:0 p.m.20 views

CVE-2026-55599 phpseclib: X.509 certificate validation sends attacker-controlled outbound requests (server-side request forgery) via Authority Information Access

phpseclib is a PHP secure communications library. From 0.1.1 until 1.0.30, 2.0.55, and 3.0.54, when an application validates an untrusted X.509 certificate with phpseclib, X509::validateSignature reads a URL out of that certificate's Authority Information Access AIA extension and connects to it...

5.8CVSS0.00133EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2026/06/22 8:0 p.m.4 views

CVE-2026-55599

phpseclib is a PHP secure communications library. From 0.1.1 until 1.0.30, 2.0.55, and 3.0.54, when an application validates an untrusted X.509 certificate with phpseclib, X509::validateSignature reads a URL out of that certificate's Authority Information Access AIA extension and connects to it...

5.8CVSS5.9AI score0.00133EPSS
Exploits1
ATTACKERKB
ATTACKERKB
added 2026/06/22 8:0 p.m.4 views

CVE-2026-55599

phpseclib is a PHP secure communications library. From 0.1.1 until 1.0.30, 2.0.55, and 3.0.54, when an application validates an untrusted X.509 certificate with phpseclib, X509::validateSignature reads a URL out of that certificate's Authority Information Access AIA extension and connects to it...

5.8CVSS5.9AI score0.00133EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2026/06/22 8:0 p.m.15 views

CVE-2026-55599

phpseclib (versions 0.1.1 through 1.0.30, 2.0.55, and 3.0.54) vulnerability: X509::validateSignature() reads a URL from the certificate's Authority Information Access extension and connects to it, enabling an attacker supplying a cert to fully control the outbound connection (host, port, path). T...

5.8CVSS5.9AI score0.00133EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.20 views

PT-2026-51381

Name of the Vulnerable Software and Affected Versions phpseclib versions 0.1.1 through 1.0.29 phpseclib versions 2.0.0 through 2.0.54 phpseclib versions 3.0.0 through 3.0.53 Description An insecure default in the library allows an unauthenticated attacker to perform Server-Side Request Forgery...

5.8CVSS5.8AI score0.00133EPSS
Exploits1References3
OSV
OSV
added 2026/06/16 3:3 p.m.10 views

GHSA-M557-WRGG-6RP4 phpseclib: X.509 certificate validation sends attacker-controlled outbound requests (server-side request forgery) via Authority Information Access

Summary When an application validates an untrusted X.509 certificate with phpseclib, X509::validateSignature reads a URL out of that certificate's Authority Information Access AIA extension and connects to it. Attacker who supplies certificate fully controls host, port, and path of that connectio...

5.8CVSS5.7AI score0.00133EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2026/06/16 3:3 p.m.11 views

phpseclib: X.509 certificate validation sends attacker-controlled outbound requests (server-side request forgery) via Authority Information Access

Summary When an application validates an untrusted X.509 certificate with phpseclib, X509::validateSignature reads a URL out of that certificate's Authority Information Access AIA extension and connects to it. Attacker who supplies certificate fully controls host, port, and path of that connectio...

5.8CVSS5.7AI score0.00133EPSS
Exploits1References3Affected Software1
UbuntuCve
UbuntuCve
added 2026/05/14 9:16 p.m.12 views

CVE-2026-42327

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.7 to before 0.10.79, X509Ref::ocspresponders returns OCSP responder URLs from a certificate's AIA extension as OpensslString, whose Deref wraps the raw bytes with str::fromutf8unchecked. OpenSSL does not enforce th...

8.7CVSS5.9AI score0.00211EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/14 12:0 a.m.10 views

rust-openssl 输入验证错误漏洞

rust-openssl is an open-source library in Rust that allows for interaction with the OpenSSL library. In versions 0.9.7 to 0.10.79 of rust-openssl, there was a vulnerability related to input validation errors. This vulnerability stemmed from X509Ref::ocspresponders returning the OCSP responder URL...

8.7CVSS5.9AI score0.00211EPSS
Exploits0References1
OSV
OSV
added 2026/02/03 12:56 a.m.7 views

USN-7998-1 openjdk-17 vulnerabilities

It was discovered that the RMI component of OpenJDK 17 would establish RMI TCP endpoint connections to a remote host without setting an endpoint identification algorithm. An unauthenticated remote attacker could possibly use this issue to steal sensitive information. CVE-2026-21925 Mingijung...

7.5CVSS6.6AI score0.00864EPSS
Exploits1References5
OSV
OSV
added 2026/02/02 11:40 p.m.6 views

USN-8003-1 openjdk-21-crac vulnerabilities

It was discovered that the RMI component of CRaC JDK 21 would establish RMI TCP endpoint connections to a remote host without setting an endpoint identification algorithm. An unauthenticated remote attacker could possibly use this issue to steal sensitive information. CVE-2026-21925 Mingijung...

7.5CVSS6.6AI score0.00864EPSS
Exploits1References5
Ubuntu
Ubuntu
added 2026/02/02 11:40 p.m.6 views

USN-8003-1: CRaC JDK 21 vulnerabilities

It was discovered that the RMI component of CRaC JDK 21 would establish RMI TCP endpoint connections to a remote host without setting an endpoint identification algorithm. An unauthenticated remote attacker could possibly use this issue to steal sensitive information. CVE-2026-21925 Mingijung...

7.5CVSS6AI score0.00864EPSS
Exploits1
OSV
OSV
added 2026/02/02 11:31 p.m.8 views

USN-8002-1 openjdk-21 vulnerabilities

It was discovered that the RMI component of OpenJDK 21 would establish RMI TCP endpoint connections to a remote host without setting an endpoint identification algorithm. An unauthenticated remote attacker could possibly use this issue to steal sensitive information. CVE-2026-21925 Mingijung...

7.5CVSS6.6AI score0.00864EPSS
Exploits1References5
Ubuntu
Ubuntu
added 2026/02/02 6:10 p.m.6 views

USN-7997-1: CRaC JDK 17 vulnerabilities

It was discovered that the RMI component of CRaC JDK 17 would establish RMI TCP endpoint connections to a remote host without setting an endpoint identification algorithm. An unauthenticated remote attacker could possibly use this issue to steal sensitive information. CVE-2026-21925 Mingijung...

7.5CVSS6AI score0.00864EPSS
Exploits1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-10165

Malware in sbrugna...

5.3CVSS5.3AI score0.00598EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 6:22 p.m.6 views

CVE-2021-23047

On version 16.x before 16.1.0, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.3, and all versions of 13.1.x, 12.1.x and 11.6.x, when BIG-IP APM performs Online Certificate Status Protocol OCSP verification of a certificate that contains Authority Information Access AIA, undisclosed requests may cau...

5.3CVSS6.8AI score0.00598EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2021/11/10 12:0 a.m.7 views

The vulnerability of the OCSP Responder component in the access control and remote authentication solution BIG-IP Access Policy Manager allows a perpetrator to trigger a service failure.

The vulnerability of the OCSP Responder component in the BIG-IP Access Policy Manager’s access control and remote authentication system is related to errors in processing URL addresses contained in the AIA certificate fields. Exploiting this vulnerability could allow a malicious actor to cause...

5.3CVSS6AI score0.00598EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2021/09/14 2:15 p.m.6 views

CVE-2021-23047

On version 16.x before 16.1.0, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.3, and all versions of 13.1.x, 12.1.x and 11.6.x, when BIG-IP APM performs Online Certificate Status Protocol OCSP verification of a certificate that contains Authority Information Access AIA, undisclosed requests may cau...

5.3CVSS6.1AI score0.00598EPSS
Exploits0References1
Prion
Prion
added 2021/09/14 2:15 p.m.26 views

Design/Logic Flaw

On version 16.x before 16.1.0, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.3, and all versions of 13.1.x, 12.1.x and 11.6.x, when BIG-IP APM performs Online Certificate Status Protocol OCSP verification of a certificate that contains Authority Information Access AIA, undisclosed requests may cau...

5CVSS5.3AI score0.00598EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder