Lucene search
K

221 matches found

HackRead
HackRead
added 2022/08/25 12:31 a.m.15 views

LockBit ransomware gang blames victim for DDoS attack on its website

By Deeba Ahmed LockBit Ransomware Gang claims its leak site was hit by a massive DDoS attack allegedly carried out by security company Entrust. This is a post from HackRead.com Read the original post: LockBit ransomware gang blames victim for DDoS attack on its website...

1.9AI score
Exploits0
OSV
OSV
added 2021/12/06 3:22 p.m.5 views

CLSA-2021-1638804170 Fixed CVE-2021-43527 in nss

CVE-2021-43527: Fix memory corruption in decodeECorDsaSignature with DSA signatures and RSA-PSS - Update to CKBI 2.50 from NSS 3.67 - Removing: - Certificate "Verisign Class 3 Public Primary Certification Authority - G3" - Certificate "AddTrust Low-Value Services Root" - Certificate "AddTrust...

9.8CVSS7AI score0.17563EPSS
Exploits0References1
OSV
OSV
added 2020/03/18 2:15 a.m.2 views

CVE-2020-10659

Entrust Entelligence Security Provider ESP before 10.0.60 on Windows mishandles errors during SSL Certificate Validation, leading to situations where for example a user continues to interact with a web site that has an invalid certificate chain...

4.3CVSS5.6AI score0.00375EPSS
Exploits0References2
NVD
NVD
added 2020/03/18 2:15 a.m.9 views

CVE-2020-10659

Entrust Entelligence Security Provider ESP before 10.0.60 on Windows mishandles errors during SSL Certificate Validation, leading to situations where for example a user continues to interact with a web site that has an invalid certificate chain...

4.3CVSS4.7AI score0.00375EPSS
Exploits0References2
Prion
Prion
added 2020/03/18 2:15 a.m.11 views

Code injection

Entrust Entelligence Security Provider ESP before 10.0.60 on Windows mishandles errors during SSL Certificate Validation, leading to situations where for example a user continues to interact with a web site that has an invalid certificate chain...

4CVSS4.7AI score0.00375EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/03/18 1:40 a.m.16 views

CVE-2020-10659

Entrust Entelligence Security Provider ESP before 10.0.60 on Windows mishandles errors during SSL Certificate Validation, leading to situations where for example a user continues to interact with a web site that has an invalid certificate chain...

4.7AI score0.00375EPSS
Exploits0References2
CVE
CVE
added 2020/03/18 1:40 a.m.88 views

CVE-2020-10659

CVE-2020-10659 affects Entrust Entelligence Security Provider (ESP) on Windows, specifically versions before 10.0.60. The root cause is mishandling errors during SSL certificate validation, which can allow a user to continue interacting with a site that has an invalid certificate chain. The provi...

4.3CVSS4.6AI score0.00375EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2018/07/11 12:0 a.m.1 views

Entrust Datacard Syntera CS Cross-Site Scripting Vulnerability

Entrust Datacard Syntera CS is an integrated suite for connecting Datacard distribution systems and specialized software from Entrust Datacard USA. A cross-site scripting vulnerability exists in version 5.x of Entrust Datacard Syntera CS. The vulnerability can be exploited by a remote attacker to...

6.1CVSS6.2AI score0.00655EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2018/07/05 5:29 p.m.2 views

CVE-2018-13252

Entrust Datacard Syntera CS 5.x has XSS via the name field of "Domain or Computer Name" in the login page...

6.1CVSS5.4AI score0.00655EPSS
Exploits0References2
OSV
OSV
added 2018/07/05 5:29 p.m.2 views

CVE-2018-13252

Entrust Datacard Syntera CS 5.x has XSS via the name field of "Domain or Computer Name" in the login page...

6.1CVSS5.8AI score0.00655EPSS
Exploits0References1
NVD
NVD
added 2018/07/05 5:29 p.m.11 views

CVE-2018-13252

Entrust Datacard Syntera CS 5.x has XSS via the name field of "Domain or Computer Name" in the login page...

6.1CVSS6AI score0.00655EPSS
Exploits0References1
Prion
Prion
added 2018/07/05 5:29 p.m.14 views

Design/Logic Flaw

Entrust Datacard Syntera CS 5.x has XSS via the name field of "Domain or Computer Name" in the login page...

4.3CVSS6AI score0.00655EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/07/05 5:0 p.m.18 views

CVE-2018-13252

Entrust Datacard Syntera CS 5.x has XSS via the name field of "Domain or Computer Name" in the login page...

6.1AI score0.00655EPSS
Exploits0References1
CVE
CVE
added 2018/07/05 5:0 p.m.38 views

CVE-2018-13252

Entrust Datacard Syntera CS 5.x is affected by a Cross-Site Scripting (XSS) vulnerability in the login page, exploitable via the name field of the omain or Computer Name field. The Connected CNVD entry confirms a 5.x version impact and remote code execution is described as possible through the ...

6.1CVSS6AI score0.00655EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2012/10/12 12:0 a.m.15 views

Windows Phone7 < 7.10.8107 Out-of-Date SSL Certificate Blacklist

Binary data windowsphone7108107.nbin...

7.3AI score
Exploits0References1
OpenVAS
OpenVAS
added 2011/11/11 12:0 a.m.7 views

Microsoft Windows Fraudulent Digital Certificates Spoofing Vulnerability (2641690)

Microsoft Windows operating system is prone to a spoofing vulnerability. This VT has been superseded by KB2718704 which is addressed in the VT SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

6.8AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2011/11/10 12:0 a.m.19 views

Debian DSA-2343-1 : openssl - CA trust revocation

Several weak certificates were issued by Malaysian intermediate CA'Digicert Sdn. Bhd.' This event, along with other issues, has lead to Entrust Inc. and Verizon Cybertrust to revoke the CA's cross-signed certificates. This update to OpenSSL, a Secure Sockets Layer toolkit, reflects this decision ...

5.4AI score
Exploits0References2
OSV
OSV
added 2011/11/09 12:0 a.m.14 views

DSA-2343-1 openssl - CA trust revocation

Bulletin has no description...

7.2AI score
Exploits0
NVD
NVD
added 2007/08/29 10:17 p.m.21 views

CVE-2007-4594

Entrust Entelligence Security Provider ESP 8 does not properly validate certificates in certain circumstances involving 1 a chain that omits the root Certification Authority CA certificate, or an application that specifies disregarding 2 unknown revocation statuses during path validation or 3...

6.4CVSS6.2AI score0.00628EPSS
Exploits0References3
Prion
Prion
added 2007/08/29 10:17 p.m.18 views

Design/Logic Flaw

Entrust Entelligence Security Provider ESP 8 does not properly validate certificates in certain circumstances involving 1 a chain that omits the root Certification Authority CA certificate, or an application that specifies disregarding 2 unknown revocation statuses during path validation or 3...

6.4CVSS6.8AI score0.00628EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder