Lucene search
K

10 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/21 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2019-10221

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Reflected Cross Site Scripting vulnerability was found in all pki-core 10.x.x versions, where the pki-ca module from the pki-core server. This flaw is caused ...

6.1CVSS6.8AI score0.01289EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/10/31 2:34 a.m.3 views

SUSE CVE-2019-10221

A Reflected Cross Site Scripting vulnerability was found in all pki-core 10.x.x versions, where the pki-ca module from the pki-core server. This flaw is caused by missing sanitization of the GET URL parameters. An attacker could abuse this flaw to trick an authenticated user into clicking a...

6.1CVSS6.6AI score0.01289EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/09/14 12:0 a.m.44 views

EulerOS 2.0 SP2 : pki-core (EulerOS-SA-2021-2424)

According to the versions of the pki-core packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in pki-core. A specially crafted POST request can be used to reflect a DOM-based cross-site scripting XSS attack to inject co...

6.1CVSS7.2AI score0.01289EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2021/05/03 12:0 a.m.33 views

Huawei EulerOS: Security Advisory for pki-core (EulerOS-SA-2021-1831)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS6.9AI score0.87218EPSS
Exploits5References2
OpenVAS
OpenVAS
added 2021/03/24 12:0 a.m.28 views

Huawei EulerOS: Security Advisory for pki-core (EulerOS-SA-2021-1698)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.8AI score0.01289EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/03/18 12:0 a.m.49 views

CentOS 7 : pki-core (RHSA-2021:0851)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0851 advisory. - A Reflected Cross Site Scripting flaw was found in all pki-core 10.x.x versions module from the pki-core server due to the CA Agent Service not...

8.1CVSS6.8AI score0.01289EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2021/03/17 12:0 a.m.30 views

Oracle Linux 7 : pki-core (ELSA-2021-0851)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-0851 advisory. - Bugzilla Bug 1724697 - CVE-2019-10180 pki-core: unsanitized token parameters in TPS resulting in stored XSS certificatesystem9-default edewata, asche...

8.1CVSS6.1AI score0.01289EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2021/03/16 1:53 p.m.61 views

Important: Red Hat Security Advisory: pki-core security and bug fix update

An update for pki-core is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

8.1CVSS6.8AI score0.8383EPSS
Exploits7References8
Tenable Nessus
Tenable Nessus
added 2021/02/01 12:0 a.m.130 views

CentOS 8 : pki-core:10.6 and pki-deps:10.6 (CESA-2020:4847)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:4847 advisory. - jquery: Cross-site scripting via cross-domain ajax requests CVE-2015-9251 - bootstrap: XSS in the data-target attribute CVE-2016-10735 - bootstrap:...

9.8CVSS7.5AI score0.9927EPSS
Exploits65References14
CVE
CVE
added 2020/03/20 1:55 p.m.233 views

CVE-2019-10221

CVE-2019-10221 is a reflected XSS vulnerability in the pki-core suite, specifically the pki-ca module, caused by unsanitized GET URL parameters. The issue existed across all 10.x.x versions of pki-core and could be triggered by a specially crafted link viewed by an authenticated user in a browser...

6.1CVSS6.7AI score0.01289EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder