18 matches found

RedhatCVE
added 2026/06/05 7:44 p.m. | 5 views

CVE-2026-44930

A flaw was found in Apache CXF. A remote attacker could exploit an LDAP injection vulnerability in the LDAP Certificate repository of the XKMS server. This vulnerability allows the attacker to retrieve arbitrary certificates from the repository, leading to information disclosure. Mitigation...

CVSS 9.8 | AI score 5.2 | EPSS 0.00253
Exploits: 0 | References: 4

Snyk
added 2026/05/22 3:47 p.m. | 10 views

LDAP Injection

Overview: Affected versions of this package are vulnerable to LDAP Injection via the LdapCertificateRepo of the XKMS server. An attacker can retrieve arbitrary certificates from the repository by injecting crafted LDAP queries. Remediation: Upgrade...

CVSS 9.8 | AI score 5.9 | EPSS 0.00253
Exploits: 0 | References: 2

ATTACKERKB
added 2026/05/22 12:16 p.m. | 4 views

CVE-2026-44930

An LDAP injection vulnerability in the LDAP Certificate repository of the XKMS server in Apache CXF may allow an attacker to retrieve arbitrary certificates from the repository. Users are recommended to upgrade to versions 4.2.1, 4.1.6 or 3.6.11, which fix this issue...

CVSS 9.8 | AI score 5.9 | EPSS 0.00253
Exploits: 0 | References: 2 | Affected Software: 1

Vulnrichment
added 2026/05/22 12:16 p.m. | 6 views

CVE-2026-44930 Apache CXF: LDAP Injection vulnerability in XKMS LDAP Repository

An LDAP injection vulnerability in the LDAP Certificate repository of the XKMS server in Apache CXF may allow an attacker to retrieve arbitrary certificates from the repository. Users are recommended to upgrade to versions 4.2.1, 4.1.6 or 3.6.11, which fix this issue...

AI score 5.9 | EPSS 0.00253
Exploits: 0 | References: 1

Cvelist
added 2026/05/22 12:16 p.m. | 43 views

CVE-2026-44930 Apache CXF: LDAP Injection vulnerability in XKMS LDAP Repository

An LDAP injection vulnerability in the LDAP Certificate repository of the XKMS server in Apache CXF may allow an attacker to retrieve arbitrary certificates from the repository. Users are recommended to upgrade to versions 4.2.1, 4.1.6 or 3.6.11, which fix this issue...

EPSS 0.00253
Exploits: 0 | References: 1

Positive Technologies
added 2026/05/22 12:0 a.m. | 10 views

PT-2026-42755

Name of the Vulnerable Software and Affected Versions: Apache CXF versions prior to 4.2.1; Apache CXF versions prior to 4.1.6; Apache CXF versions prior to 3.6.11. Description: An LDAP injection issue exists in the LDAP Certificate repository of the XKMS server. This allows an attacker to retrieve...

CVSS 9.8 | AI score 5.9 | EPSS 0.00253
Exploits: 0 | References: 7

Tenable Nessus
added 2026/05/02 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2026-31698

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: ccp: Don't attempt to copy PDH cert to userspace if PSP command failed When retrieving the PDH cert, don't attempt to copy the blobs to userspace if the...

CVSS 7.1 | AI score 6.1 | EPSS 0.00126
Exploits: 0 | References: 4

RedhatCVE
added 2026/05/01 7:38 p.m. | 4 views

CVE-2026-31698

A flaw was found in the Linux kernel's crypto subsystem, specifically within the ccp driver. A local user could exploit this vulnerability when attempting to retrieve the Platform DH (PDH) certificate. If a firmware command fails due to an invalid length, the driver may attempt to copy data to...

CVSS 7.1 | AI score 6.1 | EPSS 0.00126
Exploits: 0 | References: 4

Snyk
added 2026/04/15 10:16 a.m. | 2 views

LDAP Injection

Overview: Affected versions of this package are vulnerable to LDAP Injection via the parseDN handling and the LDAP store helpers in X509LDAPCertStoreSpi and LDAPStoreHelper. An attacker can influence LDAP search filters by supplying a crafted X.500 subject or issuer string that is parsed into an...

CVSS 7.3 | AI score 5.7 | EPSS 0.00494
Exploits: 0 | References: 2

EUVD
added 2026/01/27 4:1 p.m. | 5 views

EUVD-2025-206394

Issue summary: A type confusion vulnerability exists in the TimeStamp Response verification code where an ASN1_TYPE union member is accessed without first validating the type, causing an invalid or NULL pointer dereference when processing a malformed TimeStamp Response file. Impact summary: An...

CVSS 7.5 | AI score 5.9 | EPSS 0.00768
Exploits: 1 | References: 6

Veeam
added 2025/06/26 12:0 a.m. | 10 views

“Failed to retrieve certificate” When Adding AWS Snowball Edge Device

Article Applicability: The error message documented in this article can also occur when the Service point specified is invalid or cannot be reached due to a firewall, which is documented in KB4328. This article is specifically regarding a situation in which the correct Service point has been...

AI score 6.8
Exploits: 0 | Affected Software: 1

Amazon
added 2024/08/15 12:0 a.m. | 2 views

Medium: python3.9

Issue Overview: A defect was discovered in the Python "ssl" module where there is a memory race condition with the ssl.SSLContext methods "cert_store_stats" and "get_ca_certs". The race condition can be triggered if the methods are called at the same time as certificates are loaded into the SSLContex...

CVSS 7.4 | AI score 6.7 | EPSS 0.00804
Exploits: 0

Citrix
added 2023/08/20 12:0 a.m. | 77 views

Citrix License server unavailable on Studio with Error: XDDS:796F2703

The license server is marked as unavailable on Studio even though the license server is up and running. The error received when trying to connect to the license server is as follows: An error occurred while retrieving the certificate for the license server at this address. Further error details ar...

AI score 7
Exploits: 0

Citrix
added 2019/10/31 12:0 a.m. | 82 views

Citrix Licensing: Studio unable to connect to Licensing server - Untrusted server

1. Unable to connect to Citrix Licensing server from Studio getting "Untrusted server". 2. Getting "An error occurred while retrieving the certificate for the license server at this address". 3. Error Id: XDDS:BD69C800 DesktopStudioErrorId : UnknownError ErrorCategory : ResourceUnavailable...

AI score 7.1
Exploits: 0

CNVD
added 2019/03/29 12:0 a.m. | 2 views

Portainer has an unspecified vulnerability

Portainer is a lightweight user management interface for managing Docker environments and Docker hosts. A security vulnerability exists in Portainer versions prior to 1.20.0. An attacker can exploit the vulnerability to retrieve stored LDAP certificates...

CVSS 9.8 | AI score 6.7 | EPSS 0.03721
Exploits: 1 | References: 1

CNVD
added 2017/11/09 12:0 a.m. | 0 views

MultiTech FaxFinder Trust Management Vulnerability

MultiTech FaxFinder is a fax server appliance from MultiTech Systems, USA. A security vulnerability exists in versions of MultiTech FaxFinder prior to 4.1.2. A remote attacker can exploit the vulnerability to retrieve certificates...

CVSS 10 | AI score 6.9 | EPSS 0.02098
Exploits: 0 | References: 1

CNVD
added 2017/04/25 12:0 a.m. | 1 views

TP-Link TL-SG108E Certificate Disclosure Vulnerability

The TP-Link TL-SG108E is a Gigabit Ethernet switch. A security vulnerability exists in the TP-Link TL-SG108E. A remote attacker can exploit the vulnerability to read 'SEND data' logs and retrieve certificates...

CVSS 9.8 | AI score 6.8 | EPSS 0.01941
Exploits: 1 | References: 1

RedHat Linux
added 2013/01/23 9:37 p.m. | 1 views

ipa: weakness when initiating join from IPA client can potentially compromise IPA domain

The client in FreeIPA 2.x and 3.x before 3.1.2 does not properly obtain the Certification Authority (CA) certificate from the server, which allows man-in-the-middle attackers to spoof a join procedure via a crafted certificate...

CVSS 7.9 | AI score 5.8 | EPSS 0.00557
Exploits: 0 | References: 5