Lucene search
K

95 matches found

OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-16013 Malicious code in boulder-butterfly-uff542-project (npm)

The package boulder-butterfly-uff542-project was found to contain malicious code...

7.2AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-16019 Malicious code in boulder-igloo-bzd590-project (npm)

The package boulder-igloo-bzd590-project was found to contain malicious code...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.4 views

Malicious code in boulder-tb2z4-vn8c6-bison-project (npm)

The package boulder-tb2z4-vn8c6-bison-project was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.3 views

MAL-2025-16014 Malicious code in boulder-caravan-wix752-project (npm)

The package boulder-caravan-wix752-project was found to contain malicious code...

7.2AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.0 views

MAL-2025-14916 Malicious code in aspen-boulder-hpk856-project (npm)

The package aspen-boulder-hpk856-project was found to contain malicious code...

7.2AI score
Exploits0
Fedora
Fedora
added 2022/07/13 2:0 a.m.28 views

[SECURITY] Fedora 36 Update: golang-github-letsencrypt-pebble-2.3.1-5.fc36

A miniature version of Boulder, Pebble is a small RFC 8555 ACME test server n ot suited for a production certificate authority...

9.3CVSS8.2AI score0.05416EPSS
Exploits4
ThreatPost
ThreatPost
added 2020/03/05 11:29 a.m.68 views

Let’s Encrypt Pushes Back Deadline to Revoke Some TLS Certificates

Let’s Encrypt said it will give users of its Transport Layer Security TLS certificates more time to replace 1 million certificates that are still active and potentially affected by a Certificate Authority Authorization CAA bug before it revokes them. The popular free certificate authority had giv...

7.2AI score
Exploits0References7
The Hacker News
The Hacker News
added 2020/03/04 10:54 a.m.4 views

Let's Encrypt Revoking 3 Million TLS Certificates Issued Incorrectly Due to a Bug

The most popular free certificate signing authority Let's Encrypt is going to revoke more than 3 million TLS certificates within the next 24 hours that may have been issued wrongfully due to a bug in its Certificate Authority software. The bug, which Let's Encrypt confirmed on February 29 and was...

5.8AI score
Exploits0
HackRead
HackRead
added 2019/06/25 2:29 p.m.85 views

Researchers exploit LTE flaws to send 50,000 fake presidential alerts

By Waqas Researchers managed to cover a 50,000 seat football stadium using only four malicious portable stations. A group of security researchers from the University of Colorado Boulder has published a paper detailing the findings of their latest research revealing that LTE vulnerabilities can he...

1.7AI score
Exploits0
Veracode
Veracode
added 2017/12/18 9:24 a.m.10 views

Man-in-the-Middle (MitM)

github.com/letsencrypt/boulder is vulnerable to man-in-the-middle MitM attacks. The application is configured to assign X509 certificates over http, allowing a malicious user to intercept and inject their own certificate...

6.5AI score
Exploits0
Veracode
Veracode
added 2017/06/22 5:51 a.m.10 views

Non-expiring Signatures

github.com/letsencrypt/boulder is vulnerable to non-expiring signatures. A malicious user can use an old signature and submit it to the application to be authenticated...

6.7AI score
Exploits0
Veracode
Veracode
added 2017/05/02 8:8 a.m.11 views

Authentication Bypass

github.com/letsencrypt/boulder is vulnerable to authentication bypass. A malicious user can bypass validation by passing an RSA key such that the RSA key matches the signature of a still-provisioned resource on the target domain...

6.8AI score
Exploits0
Openbugbounty
Openbugbounty
added 2016/11/15 1:27 p.m.10 views

video.dailycamera.com XSS vulnerability

Vulnerable URL: http://video.dailycamera.com/Anti-Trump-Marchers-Block-the-Highway-into-Boulder-Colorado-31625969?playlistId="// Details: Description| Value ---|--- Patched:| Yes, at 28.07.2017 Latest check for patch:| 28.07.2017 12:45 GMT Vulnerability type:| XSS Vulnerability status:| Publicly...

6.3AI score
Exploits0
hackapp
hackapp
added 2016/04/01 9:45 a.m.14 views

Giant Boulder of Death - Base64 encoded String, Customized SSL, WebView SSL handling enabled vulnerabilities

HackApp vulnerability scanner discovered that application Giant Boulder of Death published at the 'play' market has multiple vulnerabilities...

0.6AI score
Exploits0References1Affected Software1
ThreatPost
ThreatPost
added 2016/02/26 9:30 a.m.22 views

Drone Application Privacy, Security Shortcomings

This Threatpost op-ed is part of a series of guest contributions from computer security research and policy experts. Today, we feature Kaspersky Lab’s Kurt Baumgartner. Boulder, Colorado’s Open Space and Mountain Parks winter photo gallery displays parts of the beautiful and productive 45,000-plu...

0.1AI score
Exploits0References6
Rows per page
Query Builder