Lucene search
K

6 matches found

Hacker One
Hacker One
added 2026/05/14 10:40 a.m.34 views

curl: rustls backend silently ignores CURLOPT_CRLFILE when native CA store is active

Hi all, When the rustls backend is configured to use the OS native CA store --ca-native / CURLSSLOPTNATIVECA, any CRL file supplied via --crlfile / CURLOPTCRLFILE is silently ignored. The option is accepted — CURLEOK from curleasysetopt, exit 0 from the command line — and revoked certificates pas...

5.8AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2022/10/25 12:0 a.m.29 views

GnuPG libksba CRL File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GnuPG libksba. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of CRL...

8.1CVSS5.8AI score0.01635EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2019/10/07 12:0 a.m.31 views

Fedora 29 : mosquitto (2019-d99e2329cb)

1.6.7 ===== Broker : - Add workaround for working with libwebsockets 3.2.0. - Fix potential crash when reloading config. Client library : - Don't use / in autogenerated client ids, to avoid confusing with topics. - Fix mosquittomaxinflightmessagesset and mosquittointoption..., MOSQOPTMAX,...

6.5CVSS6.9AI score0.02742EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/10/07 12:0 a.m.48 views

Fedora 31 : mosquitto (2019-4c69fb4cd7)

1.6.7 ===== Broker : - Add workaround for working with libwebsockets 3.2.0. - Fix potential crash when reloading config. Client library : - Don't use / in autogenerated client ids, to avoid confusing with topics. - Fix mosquittomaxinflightmessagesset and mosquittointoption..., MOSQOPTMAX,...

6.5CVSS6.9AI score0.02742EPSS
Exploits0References2
NVD
NVD
added 2011/07/01 10:55 a.m.17 views

CVE-2011-2633

Unspecified vulnerability in Opera before 11.11 allows remote attackers to cause a denial of service application crash via vectors involving a Certificate Revocation List CRL file, as demonstrated by the multicert-ca-02.crl file...

5CVSS7.2AI score0.01337EPSS
Exploits0References3
CVE
CVE
added 2011/07/01 10:0 a.m.50 views

CVE-2011-2633

Opera browser contains a vulnerability tracked as CVE-2011-2633 (part of a set of Opera CVEs in 2011) where processing a Certificate Revocation List (CRL) file can cause an application crash resulting in denial of service. The initial entry specifies Opera before 11.11; Gentoo GLSA 201206-03 and ...

5CVSS7AI score0.01337EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder