44 matches found

OSV
added 7 hours ago · 4 views

OESA-2026-2575 samba security update

Samba is a suite of programs for Linux and Unix to interoperate with Windows. Security Fixes: A flaw was found in Samba's certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and...

CVSS 9.8 · AI score 6.5 · EPSS 0.00392
Exploits: 2 · References: 5
EUVD
added 2025/12/08 6:30 p.m. · 1 view

EUVD-2025-201774

In multiple functions of CertInstaller.java, there is a possible way to install certificates due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVSS 7.8 · AI score 6.4 · EPSS 0.00004
Exploits: 0 · References: 3
Cvelist
added 2025/12/08 4:57 p.m. · 15 views

CVE-2025-48575

In multiple functions of CertInstaller.java, there is a possible way to install certificates due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

EPSS 0.00004
Exploits: 0 · References: 2
Vulnrichment
added 2025/12/08 4:57 p.m. · 1 view

CVE-2025-48575

In multiple functions of CertInstaller.java, there is a possible way to install certificates due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

AI score 6.5 · EPSS 0.00004
Exploits: 0 · References: 2
CNNVD
added 2025/12/08 12:00 a.m. · 2 views

Google Android security vulnerability

Google Android is a Linux-based open source operating system from the American company Google. A security vulnerability exists in Google Android that stems from a privilege bypass issue in the CertInstaller.java file, which could lead to the installation of certificates...

CVSS 7.8 · AI score 6.4 · EPSS 0.00004
Exploits: 0 · References: 3
OSV
added 2025/12/01 12:00 a.m. · 5 views

ASB-A-417463103

In multiple functions of CertInstaller.java, there is a possible way to install certificates due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVSS 7.8 · AI score 6.8 · EPSS 0.00004
Exploits: 0 · References: 2
Positive Technologies
added 2025/10/23 12:00 a.m. · 2 views

PT-2025-43465

Name of the Vulnerable Software and Affected Versions: CertInstaller.java, affected versions not specified. Description: The software contains a flaw in multiple functions that may allow for the installation of certificates due to a permissions bypass. This could result in local escalation of privile...

CVSS 7.8 · AI score 6.7 · EPSS 0.00004
Exploits: 0 · References: 6
EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2020-1961

Malware in sbrugna...

CVSS 7.5 · AI score 7.5 · EPSS 0.00172
Exploits: 0 · References: 2
EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2020-1523

Malware in sbrugna...

CVSS 7.8 · AI score 7.6 · EPSS 0.00028
Exploits: 0 · References: 2
EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2021-26059

Malware in sbrugna...

CVSS 9.3 · AI score 7.6 · EPSS 0.00019
Exploits: 0 · References: 2
EUVD
added 2025/10/03 8:07 p.m. · 2 views

EUVD-2022-50931

Malicious code in bioql PyPI...

CVSS 7.8 · AI score 7.6 · EPSS 0.00101
Exploits: 0 · References: 2
Citrix
added 2025/06/03 12:00 a.m. · 7 views

HTTPS access to NetScaler Console is failed after installing a new certificate

HTTPS access to NetScaler Console failed after installing a new certificate from the GUI (System > Administration > Install SSL Certificate) in NetScaler Console...

AI score 7
Exploits: 0
RedhatCVE
added 2025/05/22 8:13 p.m. · 10 views

CVE-2021-39702

In onCreate of RequestManageCredentials.java, there is a possible way for a third party app to install certificates without user approval due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for...

CVSS 9.3 · AI score 7 · EPSS 0.00019
Exploits: 0 · References: 1
RedhatCVE
added 2025/05/22 4:00 p.m. · 7 views

CVE-2020-0460

In createNameCredentialDialog of CertInstaller.java, there exists the possibility of improperly installed certificates due to a logic error. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product:...

CVSS 7.5 · AI score 6.5 · EPSS 0.00172
Exploits: 0 · References: 1
RedhatCVE
added 2025/05/22 3:56 p.m. · 7 views

CVE-2020-0015

In onCreate of CertInstaller.java, there is a possible way to overlay the Certificate Installation dialog by a malicious application. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product:...

CVSS 7.8 · AI score 7.1 · EPSS 0.00028
Exploits: 0 · References: 1
Positive Technologies
added 2024/07/31 12:00 a.m. · 3 views

PT-2024-38016 · Cato Networks · Cato Networks Sdp Client

Name of the Vulnerable Software and Affected Versions: Cato Networks SDP Client versions prior to 5.10.28 Description: The issue affects Cato Networks SDP Client on Windows, where local root certificates can be installed by low-privileged users, and there is an Improper Input Validation...

CVSS 8.8 · AI score 7.1 · EPSS 0.00114
Exploits: 1 · References: 4
NVD
added 2024/02/06 9:15 a.m. · 14 views

CVE-2024-25140

A default installation of RustDesk 1.2.3 on Windows places a WDKTestCert certificate under Trusted Root Certification Authorities with Enhanced Key Usage of Code Signing 1.3.6.1.5.5.7.3.3, valid from 2023 until 2033. This is potentially unwanted, e.g., because there is no public documentation of...

CVSS 9.8 · AI score 9.6 · EPSS 0.00292
Exploits: 1 · References: 3
Vulnrichment
added 2023/12/19 3:09 p.m. · 5 views

CVE-2023-43870

When installing the Net2 software a root certificate is installed into the trusted store. A potential hacker could access the installer batch file or reverse engineer the source code to gain access to the root certificate password. Using the root certificate and password they could then create...

CVSS 8.1 · AI score 7.4 · EPSS 0.00068
Exploits: 0 · References: 1
Citrix
added 2023/08/03 12:00 a.m. · 7 views

How to convert PFX certificate without importing password to PEM certificate on ADC

This article provides instructions on how to convert PFX certificate with importing password to PEM certificate in our document using "Import PKCS12" on GUI. Refer to...

AI score 7.2
Exploits: 0
OSV
added 2023/04/04 4:15 p.m. · 3 views

CVE-2022-48222

An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. During SDK installation, certutil.exe is called by the Acuant installer to install certificates. This window is not hidden, and is running with elevated privileges. A standard user can break out of this window, obtaining a full...

CVSS 7.8 · AI score 6.2 · EPSS 0.00101
Exploits: 0 · References: 2