Lucene search
K

38 matches found

Tenable Nessus
Tenable Nessus
added 2026/04/13 12:0 a.m.4 views

Ubuntu 18.04 LTS / 20.04 LTS : Dogtag PKI vulnerability (USN-8158-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8158-1 advisory. Fraser Tweedale and Geetika Kapoor discovered that Dogtag PKI could renew a certificate without proper authentication. An attacker could possibly use...

8.1CVSS5.9AI score0.01187EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 9 : pki-core-11.5.0-2.el9_4.ML.1 (AXSA:2024-8488:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8488:02 advisory. dogtag ca: token authentication bypass vulnerability CVE-2023-4727 Tenable has extracted the preceding description block directly from the MiracleLinux...

7.5CVSS5.6AI score0.00659EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2012-2645

Malware in sbrugna...

4.3CVSS6.4AI score0.01373EPSS
Exploits0References11
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2012-3341

Malware in sbrugna...

5.5CVSS6.3AI score0.01163EPSS
Exploits1References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2010-3847

Malware in sbrugna...

4CVSS6.2AI score0.00781EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.54 views

RHEL 7 : pki-core (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - bootstrap: XSS in the tooltip or popover data-template attribute CVE-2019-8331 - pki: Dogtag's python...

6.8CVSS6.8AI score0.1686EPSS
Exploits4References6
OSV
OSV
added 2022/02/16 5:15 p.m.3 views

DEBIAN-CVE-2021-3551

A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. This flaw allows a local attacker to retrieve the file to obtain the admin password and gain admin privileges to the Dogtag CA manager. The highest threa...

7.8CVSS7.1AI score0.00183EPSS
Exploits0References1
OSV
OSV
added 2018/07/27 6:29 p.m.4 views

UBUNTU-CVE-2017-2590

A vulnerability was found in ipa before 4.4. IdM's ca-del, ca-disable, and ca-enable commands did not properly check the user's permissions while modifying CAs in Dogtag. An authenticated, unauthorized attacker could use this flaw to delete, disable, or enable CAs causing various denial of servic...

8.1CVSS6.7AI score0.01283EPSS
Exploits0References2
CNVD
CNVD
added 2018/07/05 12:0 a.m.2 views

Dogtag PKI has an unspecified vulnerability

Dogtag PKI is an enterprise-grade open source certificate authority system. The system supports features such as key archiving, OCSP Online Certificate Status Management and smart card management. A security vulnerability exists in the AAclAuthz.java file in Dogtag PKI 10.6.1 and earlier versions...

8.1CVSS7AI score0.01516EPSS
Exploits0References1
NVD
NVD
added 2014/01/24 4:55 p.m.25 views

CVE-2013-1886

Format string vulnerability in the token processing system pki-tps in Red Hat Certificate System RHCS 8.1 and possibly Dogtag Certificate System 9 and 10 allows remote authenticated users to cause a denial of service crash and possibly execute arbitrary code via format string specifiers in...

7.5CVSS7.3AI score0.0222EPSS
Exploits0References5
NVD
NVD
added 2014/01/24 4:55 p.m.27 views

CVE-2013-1885

Multiple cross-site scripting XSS vulnerabilities in the token processing system pki-tps in Red Hat Certificate System RHCS 8.1 and possibly Dogtag Certificate System 9 and 10 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to 1 tus/ or 2 tus/tus/...

4.3CVSS5.8AI score0.01237EPSS
Exploits0References6
Prion
Prion
added 2014/01/24 4:55 p.m.17 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the token processing system pki-tps in Red Hat Certificate System RHCS 8.1 and possibly Dogtag Certificate System 9 and 10 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to 1 tus/ or 2 tus/tus/...

4.3CVSS6.1AI score0.01237EPSS
Exploits0References6Affected Software2
Prion
Prion
added 2014/01/24 4:55 p.m.17 views

Format string

Format string vulnerability in the token processing system pki-tps in Red Hat Certificate System RHCS 8.1 and possibly Dogtag Certificate System 9 and 10 allows remote authenticated users to cause a denial of service crash and possibly execute arbitrary code via format string specifiers in...

7.5CVSS7.8AI score0.0222EPSS
Exploits0References5Affected Software2
CVE
CVE
added 2014/01/24 4:0 p.m.60 views

CVE-2013-1885

CVE-2013-1885 affects Red Hat Certificate System (RHCS) 8.1 (and possibly Dogtag Certificate System 9/10) via the pki-tps component. A cross-site scripting flaw allows remote attackers to inject arbitrary web script or HTML by manipulating PATH_INFO (to tus/ or tus/tus/). The issue stems from ins...

4.3CVSS5.8AI score0.01237EPSS
Exploits0References6Affected Software2
Cvelist
Cvelist
added 2014/01/24 4:0 p.m.31 views

CVE-2013-1885

Multiple cross-site scripting XSS vulnerabilities in the token processing system pki-tps in Red Hat Certificate System RHCS 8.1 and possibly Dogtag Certificate System 9 and 10 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to 1 tus/ or 2 tus/tus/...

5.8AI score0.01237EPSS
Exploits0References6
Cvelist
Cvelist
added 2014/01/24 4:0 p.m.31 views

CVE-2013-1886

Format string vulnerability in the token processing system pki-tps in Red Hat Certificate System RHCS 8.1 and possibly Dogtag Certificate System 9 and 10 allows remote authenticated users to cause a denial of service crash and possibly execute arbitrary code via format string specifiers in...

7.3AI score0.0222EPSS
Exploits0References5
Fedora
Fedora
added 2012/12/21 12:5 p.m.24 views

[SECURITY] Fedora 16 Update: pki-core-9.0.25-1.fc16

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D =3D=3D=3D=3D=3D=3D=3D=3D=3D || ABOUT "CERTIFICATE SYSTEM" || =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D =3D=3D=3D=3D=3D=3D=3D=3D=3D Certificate System CS is an enterprise software system...

4.3CVSS1.3AI score0.01227EPSS
Exploits0
OpenVAS
OpenVAS
added 2012/12/18 12:0 a.m.18 views

Fedora Update for pki-core FEDORA-2012-20220

Check for the Version of pki-core OpenVAS Vulnerability Test Fedora Update for pki-core FEDORA-2012-20220 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

4.3CVSS6.4AI score0.01227EPSS
Exploits0References2
NVD
NVD
added 2012/08/13 8:55 p.m.20 views

CVE-2012-3367

Red Hat Certificate System RHCS before 8.1.1 and Dogtag Certificate System does not properly check certificate revocation requests made through the web interface, which allows remote attackers with permissions to revoke end entity certificates to revoke the Certificate Authority CA certificate...

5.5CVSS6.6AI score0.01163EPSS
Exploits1References8
Prion
Prion
added 2012/08/13 8:55 p.m.24 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Red Hat Certificate System RHCS before 8.1.1 and Dogtag Certificate System allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to the 1 System Agent or 2 End Entity pages...

4.3CVSS6AI score0.01373EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder