Lucene search
K

16 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2015-3448

Malware in sbrugna...

4CVSS6.4AI score0.00699EPSS
Exploits0References6
Mageia
Mageia
added 2025/07/11 6:52 p.m.6 views

Updated gnupg2 packages fix security vulnerabilities

Key validity not computed when key is certified by a trusted "certify-only" key regression due to patch for CVE-2025-30258...

7.3AI score
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:28 a.m.5 views

SUSE CVE-2018-9234

GnuPG 2.2.4 and 2.2.5 does not enforce a configuration in which key certification requires an offline master Certify key, which results in apparently valid certifications that occurred only with access to a signing subkey...

2.2CVSS7.6AI score0.02082EPSS
Exploits0References8
GithubExploit
GithubExploit
added 2022/08/17 9:13 p.m.278 views

Exploit for Improper Certificate Validation in Microsoft

CVE-2022-26923-Powershell-POC A powershell poc to load and aut...

9CVSS9.5AI score0.83277EPSS
Exploits8
Tenable Nessus
Tenable Nessus
added 2021/03/10 12:0 a.m.25 views

EulerOS Virtualization 3.0.6.6 : gnupg2 (EulerOS-SA-2021-1479)

According to the version of the gnupg2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - GnuPG 2.2.4 and 2.2.5 does not enforce a configuration in which key certification requires an offline master Certify key, which resul...

7.5CVSS6.9AI score0.02082EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2020/01/06 9:33 p.m.27 views

CVE-2018-9234

GnuPG 2.2.4 and 2.2.5 does not enforce a configuration in which key certification requires an offline master Certify key, which results in apparently valid certifications that occurred only with access to a signing subkey...

7.5CVSS2.7AI score0.02082EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2018/06/12 12:0 a.m.36 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : GnuPG vulnerabilities (USN-3675-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3675-1 advisory. Marcus Brinkmann discovered that during decryption or verification, GnuPG did not properly filter out terminal sequences when...

7.5CVSS7.2AI score0.08654EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2018/04/04 12:29 a.m.4 views

CVE-2018-9234

GnuPG 2.2.4 and 2.2.5 does not enforce a configuration in which key certification requires an offline master Certify key, which results in apparently valid certifications that occurred only with access to a signing subkey...

7.5CVSS5.5AI score0.02082EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2018/04/03 12:0 a.m.24 views

CVE-2018-9234

GnuPG 2.2.4 and 2.2.5 does not enforce a configuration in which key certification requires an offline master Certify key, which results in apparently valid certifications that occurred only with access to a signing subkey...

7.5CVSS6.8AI score0.02082EPSS
Exploits0References2
CNVD
CNVD
added 2015/04/23 12:0 a.m.3 views

Multiple Vulnerabilities in Drupal Certify

Drupal is a free, open-source content management system developed in the PHP language and maintained by the Drupal community. An access restriction and information disclosure vulnerability exists in Drupal Certify. Allow attackers to exploit this vulnerability to bypass security restrictions and...

4CVSS6.3AI score0.00699EPSS
Exploits0References1
NVD
NVD
added 2015/04/22 10:59 p.m.12 views

CVE-2015-3404

The Certify module before 6.x-2.3 for Drupal does not properly perform node access checks, which allows remote authenticated users to bypass intended access restrictions and obtain sensitive PDF certificate information via vectors related to "showing and creating the PDF certificates."...

4CVSS5.9AI score0.00699EPSS
Exploits0References5
Prion
Prion
added 2015/04/22 10:59 p.m.13 views

Design/Logic Flaw

The Certify module before 6.x-2.3 for Drupal does not properly perform node access checks, which allows remote authenticated users to bypass intended access restrictions and obtain sensitive PDF certificate information via vectors related to "showing and creating the PDF certificates."...

4CVSS6.4AI score0.00699EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2015/04/22 10:0 p.m.50 views

CVE-2015-3404

The vulnerability CVE-2015-3404 affects the Drupal Certify module (before 6.x-2.3). The module fails to perform proper node access checks when showing or creating PDF certificates, allowing remote authenticated users to bypass access restrictions and view sensitive PDF certificate information. Af...

4CVSS6AI score0.00699EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2015/04/22 10:0 p.m.17 views

CVE-2015-3404

The Certify module before 6.x-2.3 for Drupal does not properly perform node access checks, which allows remote authenticated users to bypass intended access restrictions and obtain sensitive PDF certificate information via vectors related to "showing and creating the PDF certificates."...

5.9AI score0.00699EPSS
Exploits0References5
Drupal
Drupal
added 2015/01/28 12:0 a.m.16 views

SA-CONTRIB-2015-033 - Certify - Access bypass and information disclosure

Certify enables you to automatically issue PDF certificates to users upon completion of a set of conditions. The module does not sufficiently check node access when showing and creating the PDF certificates. This can lead to users seeing certificates they should not have access to. This...

4CVSS6.3AI score0.00699EPSS
Exploits0References11
ThreatPost
ThreatPost
added 2012/02/15 7:15 p.m.9 views

Cybersecurity Act of 2012 Introduced Without Emergency Presidential Powers Provisions

A bipartisan group of Senators introduced the Cybersecurity Act of 2012 yesterday. The bill aims to secure federal and private sector networks that provide essential services or that are deemed “critical” to the nation in some other way. According to a Homeland Security and Government Affairs...

1.1AI score
Exploits0References3
Rows per page
Query Builder