Lucene search
K

8 matches found

OpenVAS
OpenVAS
added 2021/05/03 12:0 a.m.33 views

Huawei EulerOS: Security Advisory for pki-core (EulerOS-SA-2021-1831)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS6.9AI score0.87218EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2021/03/18 12:0 a.m.48 views

CentOS 7 : pki-core (RHSA-2021:0851)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0851 advisory. - A Reflected Cross Site Scripting flaw was found in all pki-core 10.x.x versions module from the pki-core server due to the CA Agent Service not...

8.1CVSS6.8AI score0.01289EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2021/03/17 12:0 a.m.29 views

Oracle Linux 7 : pki-core (ELSA-2021-0851)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-0851 advisory. - Bugzilla Bug 1724697 - CVE-2019-10180 pki-core: unsanitized token parameters in TPS resulting in stored XSS certificatesystem9-default edewata, asche...

8.1CVSS6.1AI score0.01289EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2021/03/16 1:53 p.m.61 views

Important: Red Hat Security Advisory: pki-core security and bug fix update

An update for pki-core is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

8.1CVSS6.8AI score0.8383EPSS
Exploits7References8
Tenable Nessus
Tenable Nessus
added 2021/02/01 12:0 a.m.130 views

CentOS 8 : pki-core:10.6 and pki-deps:10.6 (CESA-2020:4847)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:4847 advisory. - jquery: Cross-site scripting via cross-domain ajax requests CVE-2015-9251 - bootstrap: XSS in the data-target attribute CVE-2016-10735 - bootstrap:...

9.8CVSS7.5AI score0.9927EPSS
Exploits65References14
OpenVAS
OpenVAS
added 2020/12/15 12:0 a.m.29 views

Huawei EulerOS: Security Advisory for pki-core (EulerOS-SA-2020-2560)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS7.4AI score0.87218EPSS
Exploits4References2
NVD
NVD
added 2020/03/18 3:15 p.m.20 views

CVE-2019-10146

A Reflected Cross Site Scripting flaw was found in all pki-core 10.x.x versions module from the pki-core server due to the CA Agent Service not properly sanitizing the certificate request page. An attacker could inject a specially crafted value that will be executed on the victim's browser...

4.7CVSS5.1AI score0.00661EPSS
Exploits0References1
CVE
CVE
added 2020/03/18 2:47 p.m.199 views

CVE-2019-10146

CVE-2019-10146 is confirmed in multiple advisories (e.g., MiracleLinux, NewStart CGSL, EulerOS) tied to pki-core 10.x.x. The flaw is a Reflected XSS in the CA Agent page caused by improper sanitization of the certificate request page, allowing an attacker to inject payloads executed in the victim...

4.7CVSS5.4AI score0.00661EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder