Lucene search
K

74 matches found

OpenVAS
OpenVAS
added 2026/04/09 12:0 a.m.4 views

Ubuntu: Security Advisory (USN-8158-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS6.3AI score0.01187EPSS
Exploits0References2
OSV
OSV
added 2026/04/08 7:25 p.m.5 views

USN-8158-1 dogtag-pki vulnerability

Fraser Tweedale and Geetika Kapoor discovered that Dogtag PKI could renew a certificate without proper authentication. An attacker could possibly use this to repeatedly renew a compromised certificate and maintain unauthorized access to a system or resource...

8.1CVSS6.1AI score0.01187EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-11732

Malware in sbrugna...

8.1CVSS7.7AI score0.01516EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-7706

Malware in sbrugna...

6.8CVSS6.4AI score0.01009EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-54575

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00659EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2018-1080

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Dogtag PKI, through version 10.6.1, has a vulnerability in AAclAuthz.java that, under certain configurations, causes the application of ACL allow and deny rules...

8.1CVSS7.4AI score0.01516EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2020-15720

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Dogtag PKI through 10.8.3, the pki.client.PKIConnection class did not enable python-requests certificate validation. Since the verify parameter was hard-code...

6.8CVSS7.3AI score0.01009EPSS
Exploits0References3
Redos
Redos
added 2025/01/09 12:0 a.m.5 views

ROS-20250109-02

Vulnerability in dogtag-pki and pki-core packages is related to incorrect input validation during query processing LDAP. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the authentication process. authentication...

7.5CVSS7.4AI score0.00659EPSS
Exploits0
OSV
OSV
added 2024/12/10 8:54 a.m.3 views

USN-7146-1 dogtag-pki vulnerabilities

Christina Fu discovered that Dogtag PKI accidentally enabled a mock authentication plugin by default. An attacker could potentially use this flaw to bypass the regular authentication process and trick the CA server into issuing certificates. This issue only affected Ubuntu 16.04 LTS. CVE-2017-753...

7.5CVSS6.5AI score0.85323EPSS
Exploits5References4
OpenVAS
OpenVAS
added 2024/12/10 12:0 a.m.14 views

Ubuntu: Security Advisory (USN-7146-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.85323EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2024/12/10 12:0 a.m.20 views

Ubuntu 16.04 LTS / 22.04 LTS : Dogtag PKI vulnerabilities (USN-7146-1)

The remote Ubuntu 16.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7146-1 advisory. Christina Fu discovered that Dogtag PKI accidentally enabled a mock authentication plugin by default. An attacker could potentially use this...

7.5CVSS7.2AI score0.85323EPSS
Exploits5References4
Amazon
Amazon
added 2024/07/11 12:0 a.m.7 views

Important: pki-core

Issue Overview: A flaw was found in dogtag-pki and pki-core. The token authentication scheme can be bypassed with a LDAP injection. By passing the query string parameter sessionID=, an attacker can authenticate with an existing session saved in the LDAP directory server, which may lead to...

7.5CVSS7.3AI score0.00659EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/07/09 9:23 a.m.5 views

ca: token authentication bypass vulnerability

A flaw was found in dogtag-pki and pki-core. The token authentication scheme can be bypassed with a LDAP injection. By passing the query string parameter sessionID=, an attacker can authenticate with an existing session saved in the LDAP directory server, which may lead to escalation of privilege...

7.5CVSS5.8AI score0.00659EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2024/07/09 8:55 a.m.3 views

ca: token authentication bypass vulnerability

A flaw was found in dogtag-pki and pki-core. The token authentication scheme can be bypassed with a LDAP injection. By passing the query string parameter sessionID=, an attacker can authenticate with an existing session saved in the LDAP directory server, which may lead to escalation of privilege...

7.5CVSS5.8AI score0.00659EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2024/07/08 11:26 a.m.4 views

ca: token authentication bypass vulnerability

A flaw was found in dogtag-pki and pki-core. The token authentication scheme can be bypassed with a LDAP injection. By passing the query string parameter sessionID=, an attacker can authenticate with an existing session saved in the LDAP directory server, which may lead to escalation of privilege...

7.5CVSS5.8AI score0.00659EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2024/07/02 3:23 p.m.5 views

ca: token authentication bypass vulnerability

A flaw was found in dogtag-pki and pki-core. The token authentication scheme can be bypassed with a LDAP injection. By passing the query string parameter sessionID=, an attacker can authenticate with an existing session saved in the LDAP directory server, which may lead to escalation of privilege...

7.5CVSS5.8AI score0.00659EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2024/06/30 2:55 a.m.3 views

SUSE CVE-2023-4727

A flaw was found in dogtag-pki and pki-core. The token authentication scheme can be bypassed with a LDAP injection. By passing the query string parameter sessionID=, an attacker can authenticate with an existing session saved in the LDAP directory server, which may lead to escalation of privilege...

7.5CVSS7.1AI score0.00659EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2024/06/27 2:35 p.m.4 views

ca: token authentication bypass vulnerability

A flaw was found in dogtag-pki and pki-core. The token authentication scheme can be bypassed with a LDAP injection. By passing the query string parameter sessionID=, an attacker can authenticate with an existing session saved in the LDAP directory server, which may lead to escalation of privilege...

7.5CVSS5.8AI score0.00659EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2024/06/27 2:14 p.m.6 views

ca: token authentication bypass vulnerability

A flaw was found in dogtag-pki and pki-core. The token authentication scheme can be bypassed with a LDAP injection. By passing the query string parameter sessionID=, an attacker can authenticate with an existing session saved in the LDAP directory server, which may lead to escalation of privilege...

7.5CVSS5.8AI score0.00659EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2024/06/24 3:52 p.m.6 views

ca: token authentication bypass vulnerability

A flaw was found in dogtag-pki and pki-core. The token authentication scheme can be bypassed with a LDAP injection. By passing the query string parameter sessionID=, an attacker can authenticate with an existing session saved in the LDAP directory server, which may lead to escalation of privilege...

7.5CVSS5.8AI score0.00659EPSS
Exploits0References7
Rows per page
Query Builder