DEBIAN-CVE-2026-44167

phpseclib is a PHP secure communications library. Prior to 1.0.29, 2.0.54, and 3.0.52, anyone loading untrusted ASN1 files eg. X509 certificates, RSA PKCS8 private or public keys, etc. This is a bypass of CVE-2024-27355. This vulnerability is fixed in 1.0.29, 2.0.54, and 3.0.52...

CVE-2026-32324

Anviz CX7 Firmware is vulnerable because the application embeds reusable certificate/key material, enabling decryption of MQTT traffic and potential interaction with device messaging channels at scale...

EUVD-2025-201925

A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2 SP4. Affected applications contain private SSL/TLS keys on the server that are not properly protected allowing any user with server access to read these keys. This could allow an authenticated attacker to...

PT-2025-49836

A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2 SP4. Affected applications contain private SSL/TLS keys on the server that are not properly protected allowing any user with server access to read these keys. This could allow an authenticated attacker to...

CVE-2025-41659 CODESYS Control PKI Exposure Enables Remote Certificate Access

A low-privileged attacker can remotely access the PKI folder of the CODESYS Control runtime system and thus read and write certificates and its keys. This allows sensitive data to be extracted or to accept certificates as trusted. Although all services remain available, only unencrypted...

CVE-2023-22875

IBM QRadar SIEM 7.4 and 7.5copies certificate key files used for SSL/TLS in the QRadar web user interface to managed hosts in the deployment that do not require that key. IBM X-Force ID: 244356...

golang: crypto/tls: slow verification of certificate chains containing large RSA keys

A denial of service vulnerability was found in the Golang Go package caused by an uncontrolled resource consumption flaw. By persuading a victim to use a specially crafted certificate with large RSA keys, a remote attacker can cause a client/server to expend significant CPU time verifying...

OESA-2023-1530 golang security update

The Go Programming Language. Security Fixes: Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to = 8192 bits. Based on a survey of publicly trust...

AZL-27814 CVE-2023-29409 affecting package msft-golang for versions less than 1.20.7-1

Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to = 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three...

CVE-2023-22875

IBM QRadar SIEM 7.4 and 7.5copies certificate key files used for SSL/TLS in the QRadar web user interface to managed hosts in the deployment that do not require that key. IBM X-Force ID: 244356...

PT-2023-1503 · Ibm · Ibm Qradar Siem

Name of the Vulnerable Software and Affected Versions: IBM QRadar SIEM versions 7.4 through 7.5 Description: The issue is related to the disclosure of information in the IBM QRadar SIEM system. It allows an attacker to expose protected information. The problem arises from the copying of certifica...

CVE-2022-25290

WatchGuard Firebox and XTM appliances allow an authenticated remote attacker with unprivileged credentials to retrieve certificate private keys. This vulnerability impacts Fireware OS before 12.7.2U2, 12.x before 12.1.3U8, and 12.2.x through 12.5.x before 12.5.9U2...

Replicated 信息泄露漏洞

Replicated is a management software from Replicated, Inc. in the United States. It provides software vendors with a container-based platform for rapidly deploying cloud-native applications in customer environments to provide greater security and control. A security vulnerability exists in...

Ubuntu 14.04 LTS : OpenSSL vulnerabilities (USN-2537-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2537-1 advisory. It was discovered that OpenSSL incorrectly handled malformed EC private key files. A remote attacker could possibly use this issue to cause OpenSSL to...

Ubuntu: Security Advisory (USN-2537-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-2537-1: OpenSSL vulnerabilities

It was discovered that OpenSSL incorrectly handled malformed EC private key files. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service, or execute arbitrary code. CVE-2015-0209 Stephen Henson discovered that OpenSSL incorrectly handled...

Fedora 19 : openssh-6.2p2-8.fc19 (2014-6569)

environment variables with embedded '=' or '0' characters are now ignored - prevents a server from skipping SSHFP lookup and forcing a new-hostkey dialog by offering only certificate keys - /etc/ssh/moduli is readable by all now - ssh-copy-id is run in so called legacy mode when SSHCOPYIDLEGACY...