Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/04/13 7:23 p.m.4 views

CVE-2026-40070

BSV Ruby SDK is the Ruby SDK for the BSV blockchain. From 0.3.1 to before 0.8.2, BSV::Wallet::WalletClientacquirecertificate persists certificate records to storage without verifying the certifier's signature over the certificate contents. In acquisitionprotocol: 'direct', the caller supplies all...

8.1CVSS5.8AI score0.00135EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/04/09 5:26 p.m.4 views

CVE-2026-40070 bsv-sdk and bsv-wallet persist unverified certifier signatures in acquire_certificate (direct and issuance paths)

BSV Ruby SDK is the Ruby SDK for the BSV blockchain. From 0.3.1 to before 0.8.2, BSV::Wallet::WalletClientacquirecertificate persists certificate records to storage without verifying the certifier's signature over the certificate contents. In acquisitionprotocol: 'direct', the caller supplies all...

8.1CVSS5.8AI score0.00135EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/04/09 5:26 p.m.4 views

CVE-2026-40070

BSV Ruby SDK is the Ruby SDK for the BSV blockchain. From 0.3.1 to before 0.8.2, BSV::Wallet::WalletClientacquirecertificate persists certificate records to storage without verifying the certifier's signature over the certificate contents. In acquisitionprotocol: 'direct', the caller supplies all...

8.1CVSS5.9AI score0.00135EPSS
Exploits1References6Affected Software3
Tenable Nessus
Tenable Nessus
added 2023/10/20 12:0 a.m.26 views

Amazon Linux 2 : pki-core (ALAS-2023-2304)

It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2304 advisory. A flaw was found in pki-core, which could allow a user to get a certificate for another user identity when directory-based authentication is enabled. This flaw allows an authenticated attacker on the...

5.7CVSS6.2AI score0.00227EPSS
Exploits0References4
CNVD
CNVD
added 2017/09/14 12:0 a.m.3 views

D-Link DIR-850L REV.A and REV.B Certificate Acquisition Vulnerability (CNVD-2017-31785)

The D-Link DIR-850L REV.A and REV.B are both wireless router products from AUO D-Link. A security vulnerability exists in D-Link DIR-850L REV.A and REV.B devices using firmware FW114WWb07h2abbeta1 and prior versions and REV.B with firmware FW208WWb02 and prior versions. An attacker could exploit...

7.8CVSS7.5AI score0.0034EPSS
Exploits1References1
CNVD
CNVD
added 2017/07/05 12:0 a.m.2 views

Lenovo System x IMM2 Firmware Certificate Acquisition Vulnerability

Lenovo System x IMM2 is the firmware used in Lenovo servers in which it provides remote monitoring and control of the server. The Lenovo System x IMM2 has a security vulnerability that can be exploited by an attacker to obtain login credentials...

6.5CVSS7AI score0.00842EPSS
Exploits0References1
Rows per page
Query Builder