15 matches found
MiracleLinux 7 : pki-core-10.5.18-12.el7 (AXSA:2021-1610:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1610:01 advisory. pki-core: Unprivileged users can renew any certificate CVE-2021-20179 pki-core: XSS in the certificate search results CVE-2020-25715 pki-core:...
SUSE SLES12: libfreebl3 / libfreebl3-32bit / libsoftokn3 / libsoftokn3-32bit / etc (SUSE-SU-2025:3759-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:3759-1 advisory. - Move NSS DB password hash away from SHA-1 Update to NSS 3.112.2: Prevent leaks during pkcs12 decoding. SECASN1Decode should ensure it has read as man...
SUSE SLES15: libfreebl3 / libfreebl3-32bit / libsoftokn3 / libsoftokn3-32bit / etc (SUSE-SU-2025:3760-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:3760-1 advisory. - Move NSS DB password hash away from SHA-1. Update to NSS 3.112.2: Prevent leaks during pkcs12 decoding. SECASN1Decode should ensure it has...
Security update for mozilla-nss
This update for mozilla-nss fixes the following issues: Move NSS DB password hash away from SHA-1. Update to NSS 3.112.2: Prevent leaks during pkcs12 decoding. SECASN1Decode should ensure it has read as many bytes as each length field indicates Update to NSS 3.112.1: restore support for finding...
EUVD-2012-4484
Malware in sbrugna...
Lobo Guará - Cyber Threat Intelligence Platform
Lobo Guará is a platform aimed at cybersecurity professionals, with various features focused on Cyber Threat Intelligence CTI. It offers tools that make it easier to identify threats, monitor data leaks, analyze suspicious domains and URLs, and much more. Features 1. SSL Certificate Search Allows...
pki-core: XSS in the certificate search results
A flaw was found in pki-core. A specially crafted POST request can be used to reflect a DOM-based cross-site scripting XSS attack to inject code into the search query form which can get automatically executed. The highest threat from this vulnerability is to data integrity...
pki-core: XSS in the certificate search results
A flaw was found in pki-core. A specially crafted POST request can be used to reflect a DOM-based cross-site scripting XSS attack to inject code into the search query form which can get automatically executed. The highest threat from this vulnerability is to data integrity...
RHEL 7 : pki-core (RHSA-2021:0975)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0975 advisory. The Public Key Infrastructure PKI Core contains fundamental packages required by Red Hat Certificate System. Security Fixes: pki-core:...
pki-core: XSS in the certificate search results
A flaw was found in pki-core. A specially crafted POST request can be used to reflect a DOM-based cross-site scripting XSS attack to inject code into the search query form which can get automatically executed. The highest threat from this vulnerability is to data integrity...
pki-core: XSS in the certificate search results
A flaw was found in pki-core. A specially crafted POST request can be used to reflect a DOM-based cross-site scripting XSS attack to inject code into the search query form which can get automatically executed. The highest threat from this vulnerability is to data integrity...
SQL Injection Vulnerability in the Certificate Search Function of waychar Enrollment System
Waychar Registration System is a free race registration system. A SQL injection vulnerability exists in the certificate lookup function of the waychar registration system, which can be exploited by an attacker to obtain sensitive information from the database...
pki-core: XSS in the certificate search results
A flaw was found in pki-core. A specially crafted POST request can be used to reflect a DOM-based cross-site scripting XSS attack to inject code into the search query form which can get automatically executed. The highest threat from this vulnerability is to data integrity...
CVE-2012-4556
The token processing system pki-tps in Red Hat Certificate System RHCS before 8.1.3 allows remote attackers to cause a denial of service Apache httpd web server child process restart via certain unspecified empty search fields in a user certificate search query...
Fedora Core 5 : fetchmail-6.3.6-1.fc5 (2007-041)
Sat Jan 6 2007 Miloslav Trmac - 6.3.6-1 - Update to fetchmail-6.3.6 CVE-2006-5867, CVE-2006-5974 - Wed Nov 1 2006 Miloslav Trmac - 6.3.5-1 - Update to fetchmail-6.3.5 - Fix some rpmlint warnings - Sun Sep 24 2006 Miloslav Trmac - 6.3.4-2 - Don't increase the certificate search path on each poll...