Lucene search
+L

438 matches found

vulnrichment
vulnrichment
added 2025/08/01 5:52 p.m.5 views

CVE-2025-6037 Vault Certificate Auth Method Did Not Validate Common Name For Non-CA Certificates

Vault and Vault Enterprise “Vault” TLS certificate auth method did not correctly validate client certificates when configured with a non-CA certificate as +trusted certificate+|https://developer.hashicorp.com/vault/api-docs/auth/certcertificate. In this configuration, an attacker may be able to...

6.8CVSS6.3AI score0.00221EPSS
Exploits0References1
attackerkb
attackerkb
added 2025/08/01 5:52 p.m.3 views

CVE-2025-6037

Vault and Vault Enterprise “Vault” TLS certificate auth method did not correctly validate client certificates when configured with a non-CA certificate as +trusted certificate+|https://developer.hashicorp.com/vault/api-docs/auth/certcertificate. In this configuration, an attacker may be able to...

6.8CVSS5.7AI score0.00221EPSS
Exploits0References2
nvd
nvd
added 2025/07/10 5:15 p.m.11 views

CVE-2025-23048

In some modssl configurations on Apache HTTP Server 2.4.35 through to 2.4.63, an access control bypass by trusted clients is possible using TLS 1.3 session resumption. Configurations are affected when modssl is configured for multiple virtual hosts, with each restricted to a different set of...

9.1CVSS0.0097EPSS
Exploits1References4
osv
osv
added 2025/07/10 5:15 p.m.4 views

UBUNTU-CVE-2025-23048

In some modssl configurations on Apache HTTP Server 2.4.35 through to 2.4.63, an access control bypass by trusted clients is possible using TLS 1.3 session resumption. Configurations are affected when modssl is configured for multiple virtual hosts, with each restricted to a different set of...

9.1CVSS7.1AI score0.0097EPSS
Exploits1References6
nessus
nessus
added 2025/06/16 12:0 a.m.3 views

TencentOS Server 3: stunnel (TSSA-2022:0220)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0220 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

7.5CVSS7.1AI score0.01179EPSS
Exploits0References2
redhatcve
redhatcve
added 2025/05/22 10:45 p.m.5 views

CVE-2022-29222

Pion DTLS is a Go implementation of Datagram Transport Layer Security. Prior to version 2.1.5, a DTLS Client could provide a Certificate that it doesn't posses the private key for and Pion DTLS wouldn't reject it. This issue affects users that are using Client certificates only. The connection...

7.5CVSS6.7AI score0.00749EPSS
Exploits0References1
nessus
nessus
added 2025/03/05 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2021-3698

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Cockpit in versions prior to 260 in the way it handles the certificate verification performed by the System Security Services Daemon SSSD...

7.5CVSS7.2AI score0.00665EPSS
Exploits0References3
osv
osv
added 2025/02/24 11:0 a.m.4 views

USN-7285-1 nginx vulnerability

It was discovered that nginx incorrectly handled when multiple server blocks are configured to share the same IP address and port. An attacker could use this issue to use session resumption to bypass client certificate authentication requirements on these servers. This issue only affected Ubuntu...

5.3CVSS7.1AI score0.02646EPSS
Exploits0References3
osv
osv
added 2024/12/09 10:43 p.m.9 views

GHSA-JPMC-7P9C-4RXF lxd has a restricted TLS certificate privilege escalation when in PKI mode

Summary If a server.ca file is present in LXDDIR at LXD start up, LXD is in "PKI mode". In this mode, all clients must have certificates that have been signed by the CA. The LXD configuration option core.trustcacertificates defaults to false. This means that although the client certificate has be...

3.8CVSS4.1AI score0.00156EPSS
Exploits1References7
osv
osv
added 2024/11/12 5:15 p.m.8 views

UBUNTU-CVE-2024-49369

Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. The TLS certificate validation in all Icinga 2 versions starting from 2.4.0 was flawed, allowing an attacker to impersonate both trusted clust...

9.8CVSS5.8AI score0.02934EPSS
Exploits1References10
cvelist
cvelist
added 2024/11/12 4:44 p.m.59 views

CVE-2024-49369 Icinga 2 has a TLS Certificate Validation Bypass for JSON-RPC and HTTP API Connections

Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. The TLS certificate validation in all Icinga 2 versions starting from 2.4.0 was flawed, allowing an attacker to impersonate both trusted clust...

9.8CVSS0.02934EPSS
Exploits1References7
redhat
redhat
added 2024/09/03 8:0 p.m.5 views

golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm

A flaw was found in Go's crypto/x509 standard library package. Verifying a certificate chain that contains a certificate with an unknown public key algorithm will cause a Certificate.Verify to panic. This issue affects all crypto/tls clients and servers that set Config.ClientAuth to...

5.9CVSS7.3AI score0.00667EPSS
Exploits0References11
osv
osv
added 2024/08/22 7:45 p.m.35 views

BIT-VALKEY-2021-32675 DoS vulnerability in Redis

Redis is an open source, in-memory database that persists on disk. When parsing an incoming Redis Standard Protocol RESP request, Redis allocates memory according to user-specified values which determine the number of elements in the multi-bulk header and size of each element in the bulk header. ...

7.5CVSS8.1AI score0.1578EPSS
Exploits0References11
nessus
nessus
added 2024/06/03 12:0 a.m.21 views

RHEL 6 : dovecot (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - dovecot: Buffer overflow in indexer-worker process results in privilege escalation CVE-2019-7524 - A...

3.3CVSS5.8AI score0.02462EPSS
Exploits2References3
osv
osv
added 2024/05/14 11:20 a.m.4 views

USN-6772-1 strongswan vulnerability

Jan Schermer discovered that strongSwan incorrectly validated client certificates in certain configurations. A remote attacker could possibly use this issue to bypass access controls...

7.7CVSS5.8AI score0.00468EPSS
Exploits0References2
nvd
nvd
added 2024/05/03 2:15 a.m.24 views

CVE-2023-27336

Softing edgeConnector Siemens OPC UA Server Null Pointer Dereference Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Softing edgeConnector Siemens. Authentication is not required to exploit this...

7.5CVSS7.5AI score0.00754EPSS
Exploits0References1
cve
cve
added 2024/05/03 2:11 a.m.61 views

CVE-2023-41185

The CVE-2023-41185 issue affects Unified Automation UaGateway. The vulnerability is in the processing of client certificates where the certificate length field is not properly validated, allowing an integer overflow that can cause a denial-of-service. Authentication is not required. Exploitation ...

8.6CVSS8.4AI score0.00754EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2024/05/03 1:56 a.m.28 views

CVE-2023-32170 Unified Automation UaGateway OPC UA Server Improper Input Validation Denial-of-Service Vulnerability

Unified Automation UaGateway OPC UA Server Improper Input Validation Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. User interaction is required to exploit this...

6.5CVSS6.6AI score0.00588EPSS
Exploits0References2
cve
cve
added 2024/05/03 1:55 a.m.60 views

CVE-2023-27336

CVE-2023-27336 affects Softing edgeConnector Siemens OPC UA Server via a NULL pointer dereference in the handling of OPC client certificates. This unauthenticated, network-exploitable vulnerability can cause a denial-of-service condition on affected installations. The documented impact is limited...

7.5CVSS7.4AI score0.00754EPSS
Exploits0References1Affected Software3
vulnrichment
vulnrichment
added 2024/05/03 1:55 a.m.17 views

CVE-2023-27336 Softing edgeConnector Siemens OPC UA Server Null Pointer Dereference Denial-of-Service Vulnerability

Softing edgeConnector Siemens OPC UA Server Null Pointer Dereference Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Softing edgeConnector Siemens. Authentication is not required to exploit this...

7.5CVSS6.6AI score0.00754EPSS
Exploits0References1
Rows per page
Query Builder