Lucene search
K

15 matches found

OSV
OSV
added 2026/06/09 12:0 a.m.7 views

UBUNTU-CVE-2026-42769

Issue Summary: An error in the callback used to verify the certificate provided in a Root CA key update Certificate Management Protocol CMP message response rendered the certificate validation ineffectual, which could lead to escalation of credentials from the Registration Authority RA level to t...

5.3CVSS5.6AI score0.00262EPSS
Exploits0References4
Chainguard
Chainguard
added 2026/04/11 2:18 a.m.23 views

GHSA-FV83-X2XW-2J55 vulnerabilities

Vulnerabilities for packages: cilium-fips, newrelic-k8s-metadata-injection-fips, flux, rabbitmq-messaging-topology-operator-fips, clickhouse-operator, actions-runner-controller-fips, flux-image-automation-controller, pgwatch, commercial-chainloop-cli, grafana-rollout-operator,...

6.1AI score
Exploits0
OSV
OSV
added 2023/07/01 11:5 a.m.4 views

OESA-2023-1391 bouncycastle security update

A Java implementation of cryptographic algorithms. Security Fixes: A flaw was found in Bouncy Castle 1.73. This issue targets the fix of LDAP wild cards. Before the fix there was no validation for the X.500 name of any certificate, subject, or issuer, so the presence of a wild card may lead to...

5.3CVSS6.3AI score0.00772EPSS
Exploits0References2
Rockylinux
Rockylinux
added 2022/11/08 10:51 a.m.55 views

nodejs:14 security update

An update is available for nodejs-nodemon, nodejs, nodejs-packaging. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Node.js is a software development platform f...

8.2CVSS8.4AI score0.21514EPSS
Exploits3
RedHat Linux
RedHat Linux
added 2022/10/19 10:12 a.m.7 views

nodejs: Incorrect handling of certificate subject and issuer fields

A flaw was found in node.js, where it did not properly handle multi-value Relative Distinguished Names. This flaw allows a specially crafted x509 certificate to produce a false multi-value Relative Distinguished Name and to inject arbitrary data in node.js libraries...

5.3CVSS7.4AI score0.09358EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2022/06/06 9:29 a.m.2 views

nodejs: Incorrect handling of certificate subject and issuer fields

A flaw was found in node.js, where it did not properly handle multi-value Relative Distinguished Names. This flaw allows a specially crafted x509 certificate to produce a false multi-value Relative Distinguished Name and to inject arbitrary data in node.js libraries...

5.3CVSS7.4AI score0.09358EPSS
Exploits1References5
OSV
OSV
added 2022/02/01 2:58 p.m.14 views

CLSA-2022-1643727489 Fix of CVE: CVE-2021-23840, CVE-2021-3712, CVE-2021-23841

CVE-2021-3712: openssl: Read buffer overruns processing ASN.1 strings - CVE-2021-23840: openssl: integer overflow in CipherUpdate - CVE-2021-23841: openssl: NULL pointer dereference in X509issuerandserialhash...

7.5CVSS7AI score0.50732EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/02/16 12:0 a.m.8 views

OpenSSL Code Issue Vulnerability

OpenSSL is an open source capable general-purpose cryptographic library from the Openssl team that implements the Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. It supports a variety of cryptographic algorithms, including symmetric ciphers, hashing algorithms, secure...

7.5CVSS6.8AI score0.50732EPSS
Exploits0References117
Citrix
Citrix
added 2016/09/13 12:0 a.m.7 views

Could not sign CSR Caused by: java.io.IOException: Could not obtain certificate (template=XenmobileTest). Reason: The format of the specified domain name is invalid. 0x800704bc (WIN32: 1212)

After configuring Client Certificate Authentication for XMS but you do not see an issued certificate on the Issuing Server 2016-08-18T12:49:32.19+0200 | | ERROR | http-nio-10443-exec-8 | EWSession | Exception on certificate issuer com.zenprise.zdm.pki.spi.IssuingServiceException: Could not sign C...

7.2AI score
Exploits0
CVE
CVE
added 2014/08/19 6:0 p.m.85 views

CVE-2014-3504

CVE-2014-3504 (Serf) affects the Serf SSL certificate handling in Serf 0.2.0–1.3.x prior to 1.3.7, where a NUL byte in a domain name within the certificate’s subject CN could allow a remote attacker to spoof an SSL server (MITM). The issue stems from improper parsing/validation of CN in X.509 cer...

4CVSS8AI score0.0315EPSS
Exploits0References9Affected Software1
Tenable Nessus
Tenable Nessus
added 2011/10/26 12:0 a.m.8 views

SSL x.509 Certificate Issuer Detection (deprecated)

Binary data 7098.pasl...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2011/01/27 12:0 a.m.30 views

Fedora 13 : myproxy-5.3-1.fc13 (2011-0512)

Release 5.3 fixes a myproxy-logon security bug in MyProxy versions 5.0-5.2 that disabled server identity verification : The myproxy-logon program in MyProxy versions 5.0 through 5.2 does not enforce the check that the myproxy-server's certificate contains the expected hostname or identity. The...

4.3CVSS5.5AI score0.01585EPSS
Exploits0References7
Metasploit
Metasploit
added 2010/02/01 2:12 a.m.15 views

HTTP SSL Certificate Checker

This module will check the certificate of the specified web servers to ensure the subject and issuer match the supplied pattern and that the certificate is not expired. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework...

0.2AI score
Exploits0
Mozilla
Mozilla
added 2008/03/25 12:0 a.m.37 views

Privacy issue with SSL Client Authentication — Mozilla

Peter Brodersen and Alexander Klink independently reported that the default setting for SSL Client Authentication, automatically selecting a client certificate on behalf of the user, creates a potential privacy issue for users by allowing tracking through client certificates. For users who alread...

5CVSS1.8AI score0.01272EPSS
Exploits1References2Affected Software2
securityvulns
securityvulns
added 2007/12/13 12:0 a.m.32 views

OpenOffice: Duplicated, Unprotected Certificate Information shown in Signed ODF Documents

Affects: OpenOffice 2.3.0 and 2.2.0 and possibly older versions I. Background OpenOffice is a opensource suite containing several programs to handle Office documents like text documents or spreadsheets. The latest version uses an XML based document format ODF. OpenOffice allows documents to be...

0.4AI score
Exploits0
Rows per page
Query Builder