Lucene search
K

20 matches found

CNNVD
CNNVD
added 2026/05/07 12:0 a.m.13 views

Ivanti EPMM 信任管理问题漏洞

Ivanti EPMM is a product developed by the American company Ivanti, designed to help IT departments establish policies for mobile devices, applications, and content. Versions of Ivanti EPMM prior to 12.6.1.1, 12.7.0.1, and 12.8.0.1 contained vulnerabilities related to trust management. These...

9.1CVSS5.8AI score0.00686EPSS
Exploits0References1
OSV
OSV
added 2026/01/30 5:15 p.m.7 views

CLEANSTART-2026-HT23337 flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorithm

Security vulnerability affects the gnupg package. A flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorithm...

9.8CVSS5.4AI score0.0105EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/08/23 8:13 p.m.5 views

CVE-2025-55229

Improper verification of cryptographic signature in Windows Certificates allows an unauthorized attacker to perform spoofing over a network...

5.3CVSS7AI score0.00449EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 6:19 a.m.5 views

SUSE CVE-2004-2761

The MD5 Message-Digest Algorithm is not collision resistant, which makes it easier for context-dependent attackers to conduct spoofing attacks, as demonstrated by attacks on the use of MD5 in the signature algorithm of an X.509 certificate...

9.8CVSS9AI score0.09854EPSS
Exploits0References3
CVE
CVE
added 2022/09/19 7:43 p.m.215 views

CVE-2022-29835

CVE-2022-29835 concerns WD Discovery: WD Discovery Desktop App on Mac and Windows prior to 4.4.396 are signed with an unsafe SHA-1 hashing algorithm, enabling potential forged certificate signatures and compromising user content confidentiality. The issue affects WD Discovery software prior to ve...

5.3CVSS5.2AI score0.00163EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/05/05 12:0 a.m.6 views

PT-2022-3499 · Xwiki · Xwiki Platform

Name of the Vulnerable Software and Affected Versions: XWiki Platform versions prior to 13.10.6 XWiki Platform versions prior to 14.3.1 XWiki Platform versions prior to 14.4-rc-1 Description: The XWiki Crypto API generates X509 certificates signed by default using SHA1 with RSA, which is not...

10CVSS9.4AI score0.00385EPSS
Exploits0References11
OpenVAS
OpenVAS
added 2020/04/20 12:0 a.m.59 views

Huawei EulerOS: Security Advisory for gnupg2 (EulerOS-SA-2020-1504)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.0105EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2020/03/30 2:14 p.m.30 views

CVE-2019-14855

A flaw was found in OpenPGP Key Certification Forgeries in the way certificate signatures could be forged by using collisions found in the SHA-1 algorithm. An attacker could use this weakness to create forged certificate signatures...

7.5CVSS1.8AI score0.0105EPSS
Exploits1References4
NVD
NVD
added 2020/03/20 4:15 p.m.18 views

CVE-2019-14855

A flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorithm. An attacker could use this weakness to create forged certificate signatures. This issue affects GnuPG versions before 2.2.18...

7.5CVSS6AI score0.0105EPSS
Exploits1References5
OSV
OSV
added 2020/03/20 4:15 p.m.5 views

UBUNTU-CVE-2019-14855

A flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorithm. An attacker could use this weakness to create forged certificate signatures. This issue affects GnuPG versions before 2.2.18...

7.5CVSS6.7AI score0.0105EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2020/03/20 4:15 p.m.40 views

CVE-2019-14855

A flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorithm. An attacker could use this weakness to create forged certificate signatures. This issue affects GnuPG versions before 2.2.18...

7.5CVSS6.4AI score0.0105EPSS
Exploits1References3
CVE
CVE
added 2020/03/20 12:0 a.m.269 views

CVE-2019-14855

CVE-2019-14855 concerns GnuPG signatures forged via SHA-1 collisions. The connected documents consistently state affected versions are before 2.2.18 and indicate remediation is upgrading to GNUPG 2.2.18+ (e.g., advisories for Astra Linux, Ubuntu USN-4516-1, various Nessus entries) with notes that...

7.5CVSS7.2AI score0.0105EPSS
Exploits1References5Affected Software1
RedHat Linux
RedHat Linux
added 2010/11/08 8:9 p.m.4 views

MD5: MD5 Message-Digest Algorithm is not collision resistant

The MD5 Message-Digest Algorithm is not collision resistant, which makes it easier for context-dependent attackers to conduct spoofing attacks, as demonstrated by attacks on the use of MD5 in the signature algorithm of an X.509 certificate...

5CVSS6.5AI score0.09854EPSS
Exploits0References4
Oracle linux
Oracle linux
added 2010/03/25 12:0 a.m.60 views

gnutls security update

1.4.1-3.8 - fix safe renegotiation on SSL3 protocol 1.4.1-3.7 - implement safe renegotiation - CVE-2009-3555 533125 - do not allow MD2 in certificate signatures by default - CVE-2009-2409 510197...

5.8CVSS3.9AI score0.87264EPSS
Exploits14
OpenVAS
OpenVAS
added 2009/06/15 12:0 a.m.31 views

Ubuntu: Security Advisory (USN-785-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS7.5AI score0.11631EPSS
Exploits2References2
Ubuntu
Ubuntu
added 2009/06/09 5:52 p.m.60 views

USN-785-1: ipsec-tools vulnerabilities

It was discovered that ipsec-tools did not properly handle certain fragmented packets. A remote attacker could send specially crafted packets to the server and cause a denial of service. CVE-2009-1574 It was discovered that ipsec-tools did not properly handle memory usage when verifying certifica...

5CVSS5.1AI score0.11631EPSS
Exploits2
ATTACKERKB
ATTACKERKB
added 2009/01/05 8:30 p.m.2 views

CVE-2004-2761

The MD5 Message-Digest Algorithm is not collision resistant, which makes it easier for context-dependent attackers to conduct spoofing attacks, as demonstrated by attacks on the use of MD5 in the signature algorithm of an X.509 certificate...

9.8CVSS6.7AI score0.09854EPSS
Exploits0References31
Vulnrichment
Vulnrichment
added 2009/01/05 8:0 p.m.4 views

CVE-2004-2761

The MD5 Message-Digest Algorithm is not collision resistant, which makes it easier for context-dependent attackers to conduct spoofing attacks, as demonstrated by attacks on the use of MD5 in the signature algorithm of an X.509 certificate...

6.6AI score0.09854EPSS
Exploits0References26
Positive Technologies
Positive Technologies
added 2009/01/05 12:0 a.m.3 views

PT-2009-1143

Name of the Vulnerable Software and Affected Versions MD5 affected versions not specified Description The MD5 Message-Digest Algorithm lacks collision resistance, making it easier for attackers to conduct spoofing attacks. This issue has been demonstrated through attacks on the use of MD5 in the...

9.8CVSS6.5AI score0.09854EPSS
Exploits0References39
Tenable Nessus
Tenable Nessus
added 2007/11/10 12:0 a.m.33 views

Ubuntu 5.10 / 6.06 LTS / 6.10 : mozilla-thunderbird vulnerabilities (USN-382-1)

USN-352-1 fixed a flaw in the verification of PKCS certificate signatures. Ulrich Kuehn discovered a variant of the original attack which the original fix did not cover. CVE-2006-5462 Various flaws have been reported that allow an attacker to execute arbitrary code with user privileges by trickin...

7.5CVSS7.5AI score0.05531EPSS
Exploits0References7
Rows per page
Query Builder