221 matches found
LockBit ransomware gang blames victim for DDoS attack on its website
By Deeba Ahmed LockBit Ransomware Gang claims its leak site was hit by a massive DDoS attack allegedly carried out by security company Entrust. This is a post from HackRead.com Read the original post: LockBit ransomware gang blames victim for DDoS attack on its website...
CLSA-2021-1638804170 Fixed CVE-2021-43527 in nss
CVE-2021-43527: Fix memory corruption in decodeECorDsaSignature with DSA signatures and RSA-PSS - Update to CKBI 2.50 from NSS 3.67 - Removing: - Certificate "Verisign Class 3 Public Primary Certification Authority - G3" - Certificate "AddTrust Low-Value Services Root" - Certificate "AddTrust...
CVE-2020-10659
Entrust Entelligence Security Provider ESP before 10.0.60 on Windows mishandles errors during SSL Certificate Validation, leading to situations where for example a user continues to interact with a web site that has an invalid certificate chain...
CVE-2020-10659
Entrust Entelligence Security Provider ESP before 10.0.60 on Windows mishandles errors during SSL Certificate Validation, leading to situations where for example a user continues to interact with a web site that has an invalid certificate chain...
Code injection
Entrust Entelligence Security Provider ESP before 10.0.60 on Windows mishandles errors during SSL Certificate Validation, leading to situations where for example a user continues to interact with a web site that has an invalid certificate chain...
CVE-2020-10659
Entrust Entelligence Security Provider ESP before 10.0.60 on Windows mishandles errors during SSL Certificate Validation, leading to situations where for example a user continues to interact with a web site that has an invalid certificate chain...
CVE-2020-10659
CVE-2020-10659 affects Entrust Entelligence Security Provider (ESP) on Windows, specifically versions before 10.0.60. The root cause is mishandling errors during SSL certificate validation, which can allow a user to continue interacting with a site that has an invalid certificate chain. The provi...
Entrust Datacard Syntera CS Cross-Site Scripting Vulnerability
Entrust Datacard Syntera CS is an integrated suite for connecting Datacard distribution systems and specialized software from Entrust Datacard USA. A cross-site scripting vulnerability exists in version 5.x of Entrust Datacard Syntera CS. The vulnerability can be exploited by a remote attacker to...
CVE-2018-13252
Entrust Datacard Syntera CS 5.x has XSS via the name field of "Domain or Computer Name" in the login page...
CVE-2018-13252
Entrust Datacard Syntera CS 5.x has XSS via the name field of "Domain or Computer Name" in the login page...
CVE-2018-13252
Entrust Datacard Syntera CS 5.x has XSS via the name field of "Domain or Computer Name" in the login page...
Design/Logic Flaw
Entrust Datacard Syntera CS 5.x has XSS via the name field of "Domain or Computer Name" in the login page...
CVE-2018-13252
Entrust Datacard Syntera CS 5.x has XSS via the name field of "Domain or Computer Name" in the login page...
CVE-2018-13252
Entrust Datacard Syntera CS 5.x is affected by a Cross-Site Scripting (XSS) vulnerability in the login page, exploitable via the name field of the omain or Computer Name field. The Connected CNVD entry confirms a 5.x version impact and remote code execution is described as possible through the ...
Windows Phone7 < 7.10.8107 Out-of-Date SSL Certificate Blacklist
Binary data windowsphone7108107.nbin...
Microsoft Windows Fraudulent Digital Certificates Spoofing Vulnerability (2641690)
Microsoft Windows operating system is prone to a spoofing vulnerability. This VT has been superseded by KB2718704 which is addressed in the VT SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...
Debian DSA-2343-1 : openssl - CA trust revocation
Several weak certificates were issued by Malaysian intermediate CA'Digicert Sdn. Bhd.' This event, along with other issues, has lead to Entrust Inc. and Verizon Cybertrust to revoke the CA's cross-signed certificates. This update to OpenSSL, a Secure Sockets Layer toolkit, reflects this decision ...
DSA-2343-1 openssl - CA trust revocation
Bulletin has no description...
CVE-2007-4594
Entrust Entelligence Security Provider ESP 8 does not properly validate certificates in certain circumstances involving 1 a chain that omits the root Certification Authority CA certificate, or an application that specifies disregarding 2 unknown revocation statuses during path validation or 3...
Design/Logic Flaw
Entrust Entelligence Security Provider ESP 8 does not properly validate certificates in certain circumstances involving 1 a chain that omits the root Certification Authority CA certificate, or an application that specifies disregarding 2 unknown revocation statuses during path validation or 3...