9 matches found
Huawei EulerOS: Security Advisory for pki-core (EulerOS-SA-2021-1831)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 7 : pki-core (RHSA-2021:0851)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0851 advisory. - A Reflected Cross Site Scripting flaw was found in all pki-core 10.x.x versions module from the pki-core server due to the CA Agent Service not...
Oracle Linux 7 : pki-core (ELSA-2021-0851)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-0851 advisory. - Bugzilla Bug 1724697 - CVE-2019-10180 pki-core: unsanitized token parameters in TPS resulting in stored XSS certificatesystem9-default edewata, asche...
Important: Red Hat Security Advisory: pki-core security and bug fix update
An update for pki-core is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
CentOS 8 : pki-core:10.6 and pki-deps:10.6 (CESA-2020:4847)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:4847 advisory. - jquery: Cross-site scripting via cross-domain ajax requests CVE-2015-9251 - bootstrap: XSS in the data-target attribute CVE-2016-10735 - bootstrap:...
Huawei EulerOS: Security Advisory for pki-core (EulerOS-SA-2020-2560)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2019-10179
creationtimestamp| type| source ---|---|--- 2020-03-20 17:32:18+00:00| seen| https://t.me/cibsecurity/10655...
CVE-2019-10179
CVE-2019-10179 affects all pki-core 10.x.x versions, specifically the Key Recovery Authority (KRA) Agent Service. The root cause is improper sanitization of the recovery request search page on the KRA, enabling a Reflected Cross Site Scripting (XSS) vulnerability. An authenticated user could be t...
CVE-2019-10179
It was found that the Key Recovery Authority KRA Agent Service did not properly sanitize recovery request search page, enabling a Reflected Cross Site Scripting XSS vulnerability. An attacker could trick an authenticated victim into executing specially crafted Javascript code...