18 matches found

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2023-38295

Malicious code in bioql PyPI...

CVSS 8.2 | AI score 8.1 | EPSS 0.00352
Exploits: 0 | References: 2
OSV
added 2025/09/29 9:15 p.m. | 4 views

CVE-2025-34222

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1049 and Application prior to version 20.0.2786 (VA/SaaS deployments) expose four admin routes – /admin/hp/certupload, /admin/hp/certdelete, /admin/certs/ca, and /admin/certs/serviceclients/scid – without any...

CVSS 9.1 | AI score 5.8
Exploits: 0 | References: 4
RedhatCVE
added 2025/05/23 3:55 a.m. | 21 views

CVE-2023-34196

In the Keyfactor EJBCA before 8.0.0, the RA web certificate distribution servlet /ejbca/ra/cert allows partial denial of service due to an authentication issue. In configurations using OAuth, disclosure of CA certificates attributes and public keys to unauthenticated or less privileged users may...

CVSS 8.2 | AI score 7.1 | EPSS 0.00352
Exploits: 0 | References: 1
ATTACKERKB
added 2024/05/03 3:15 a.m. | 3 views

CVE-2023-39467

Triangle MicroWorks SCADA Data Gateway certificate Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability...

CVSS 5.3 | AI score 6 | EPSS 0.00539
Exploits: 0 | References: 3 | Affected Software: 1
NVD
added 2024/04/16 4:15 p.m. | 11 views

CVE-2023-50872

The API in Accredible Credential.net December 6th, 2023 allows an Insecure Direct Object Reference attack that discloses partial information about certificates and their respective holder. NOTE: the excellium-services.com web page about this issue mentions "Vendor says that it's not a security...

CVSS 7.5 | AI score 6.2 | EPSS 0.00357
Exploits: 0 | References: 3
ATTACKERKB
added 2023/08/03 3:15 a.m. | 3 views

CVE-2023-34196

In the Keyfactor EJBCA before 8.0.0, the RA web certificate distribution servlet /ejbca/ra/cert allows partial denial of service due to an authentication issue. In configurations using OAuth, disclosure of CA certificates attributes and public keys to unauthenticated or less privileged users may...

CVSS 8.2 | AI score 7.2 | EPSS 0.00352
Exploits: 0 | References: 3
Cvelist
added 2023/08/03 12:0 a.m. | 35 views

CVE-2023-34196

In the Keyfactor EJBCA before 8.0.0, the RA web certificate distribution servlet /ejbca/ra/cert allows partial denial of service due to an authentication issue. In configurations using OAuth, disclosure of CA certificates attributes and public keys to unauthenticated or less privileged users may...

AI score 8.2 | EPSS 0.00352
Exploits: 0 | References: 2
Cvelist
added 2022/07/13 6:23 p.m. | 20 views

CVE-2022-20230

In choosePrivateKeyAlias of KeyChain.java, there is a possible access to the user's certificate due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions:...

AI score 5.4 | EPSS 0.00087
Exploits: 0 | References: 1
Tenable Nessus
added 2018/11/02 12:0 a.m. | 22 views

F5 Networks BIG-IP : Apache vulnerability (K42644206)

Apache modules apacheauthtokenmod and modauthf5authtoken.cpp allow possible unauthenticated bruteforce on the emserverip authorization parameter to obtain which SSL client certificates are used for mutual authentication between BIG-IQ or Enterprise Manager (EM) and managed BIG-IP devices. CVE-2017-6146...

AI score 0.7
Exploits: 0 | References: 2
CNVD
added 2017/04/25 12:0 a.m. | 2 views

TP-Link TL-SG108E Certificate Disclosure Vulnerability

The TP-Link TL-SG108E is a Gigabit Ethernet switch. A security vulnerability exists in the TP-Link TL-SG108E. A remote attacker can exploit the vulnerability to read 'SEND data' logs and retrieve certificates...

CVSS 9.8 | AI score 6.8 | EPSS 0.01941
Exploits: 1 | References: 1
CNVD
added 2017/03/15 12:0 a.m. | 1 views

Wireless IP Camera (P2P) WIFICAM RSA Key and Certificate Disclosure Vulnerability

Wireless IP Camera P2P WIFICAM is a wireless IP camera. Wireless IP Camera P2P WIFICAM RSA key and certificate disclosure vulnerability. /system/www/pem/ck.pem contains an Apple certificate with a private RSA key, which can be exploited by an attacker to obtain sensitive information...

AI score 6.4
Exploits: 0 | References: 1
CNVD
added 2017/02/15 12:0 a.m. | 1 views

IBM WebSphere Application Server Cross-Site Scripting Vulnerability (CNVD-2017-01846)

IBM WebSphere Application Server WAS is an application server product developed and distributed by IBM in the U.S. It is a platform for Java EE and Web services applications, and is the foundation of the IBM WebSphere software platform. A cross-site scripting vulnerability exists in IBM WAS. An...

CVSS 5.4 | AI score 7.8 | EPSS 0.00879
Exploits: 0 | References: 1
CNVD
added 2016/12/29 12:0 a.m. | 3 views

Cross-site scripting vulnerability in multiple IBM Rational products (CNVD-2016-13288)

IBM Rational Collaborative Lifecycle Management CLM, etc. are products of IBM Corporation in the U.S. IBM Rational CLM, Rational Team Concert RTC and Rational Engineering Lifecycle Manager RELM are collaborative lifecycle management solutions; Rational DOORS Next Generation RDNG is a requirements...

CVSS 5.4 | AI score 6.2 | EPSS 0.0054
Exploits: 0 | References: 1
CNVD
added 2016/09/06 12:0 a.m. | 3 views

MySQL 5.5.45 (64bit) Local Certificate Disclosure Vulnerability

Oracle MySQL is an open source relational database management system. A local certificate disclosure vulnerability exists in MySQL version 5.5.45. It allows an attacker to obtain the username and password provided for accessing the database...

AI score 6
Exploits: 0 | References: 1
OwnCloud
added 2016/07/13 6:59 p.m. | 489 views

Disclosure of arbitrary certificate files - ownCloud

The 'Import root certificate' ability that users are able to use once filesexternal is enabled allows users to import their own root certificates for connections (e.g. server-to-server shares to servers using a self-signed certificate, or external storages). The functionality was using the PHP OpenS...

AI score 6.7
Exploits: 0 | Affected Software: 1
CNVD
added 2015/12/13 12:0 a.m. | 2 views

Microsoft Windows Xbox Live Certificate Disclosure Vulnerability

Microsoft Windows is a popular operating system. The private key used for .xboxlive.com SSL/TLS certificates on Microsoft Windows systems has been compromised, allowing remote attackers to exploit the vulnerability for man-in-the-middle attacks...

AI score 6.8
Exploits: 0 | References: 1
Tenable Nessus
added 2008/03/21 12:0 a.m. | 22 views

GLSA-200803-30 : ssl-cert eclass: Certificate disclosure

The remote host is affected by the vulnerability described in GLSA-200803-30 (ssl-cert eclass: Certificate disclosure). Robin Johnson reported that the docert function provided by ssl-cert.eclass can be called by source building stages of an ebuild, such as srccompile or srcinstall, which will resul...

CVSS 1.9 | AI score 5.7 | EPSS 0.00212
Exploits: 1 | References: 2
Gentoo Linux
added 2008/03/20 12:0 a.m. | 22 views

ssl-cert eclass: Certificate disclosure

Background: The ssl-cert eclass is a code module used by Gentoo ebuilds to generate SSL certificates. Description: Robin Johnson reported that the docert function provided by ssl-cert.eclass can be called by source building stages of an ebuild, such as srccompile or srcinstall, which will result in...

CVSS 1.9 | AI score 6.5 | EPSS 0.00212
Exploits: 1