Lucene search
K

110 matches found

UbuntuCve
UbuntuCve
added 2026/05/29 12:0 a.m.10 views

CVE-2026-42791

Improper Certificate Validation vulnerability in Erlang OTP publickey pubkeyocsp module allows forged OCSP responses signed with an expired responder certificate to be accepted as valid. OCSP response verification in pubkeyocsp:verifyresponse/5 and pubkeyocsp:isauthorizedresponder/3 in...

6.3CVSS5.8AI score0.00316EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.16 views

Linux Distros Unpatched Vulnerability : CVE-2026-42791

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Certificate Validation vulnerability in Erlang OTP publickey pubkeyocsp module allows forged OCSP responses signed with an expired responder certificat...

6.3CVSS5.8AI score0.00316EPSS
Exploits0References3
OSV
OSV
added 2026/05/27 2:16 p.m.9 views

DEBIAN-CVE-2026-42791

Improper Certificate Validation vulnerability in Erlang OTP publickey pubkeyocsp module allows forged OCSP responses signed with an expired responder certificate to be accepted as valid. OCSP response verification in pubkeyocsp:verifyresponse/5 and pubkeyocsp:isauthorizedresponder/3 in...

3.7CVSS5.8AI score0.00316EPSS
Exploits0References1
OSV
OSV
added 2026/05/27 12:23 p.m.7 views

EEF-CVE-2026-42791 OCSP responder certificate validity period not checked in public_key

Summary Improper Certificate Validation vulnerability in Erlang OTP publickey pubkeyocsp module allows forged OCSP responses signed with an expired responder certificate to be accepted as valid. OCSP response verification in pubkeyocsp:verifyresponse/5 and pubkeyocsp:isauthorizedresponder/3 in...

6.3CVSS5.9AI score0.00316EPSS
Exploits0References5
OSV
OSV
added 2026/03/03 1:22 p.m.6 views

SUSE-SU-2026:0777-1 Security update for cosign

This update for cosign fixes the following issues: Update to version 3.0.5 jscSLE-23879. Security issues fixed: - CVE-2025-11065: github.com/go-viper/mapstructure/v2: sensitive Information leak in logs bsc1250620. - CVE-2025-58181: golang.org/x/crypto/ssh: invalidated number of mechanisms can cau...

7.5CVSS6.9AI score0.00533EPSS
Exploits4References19
Tenable Nessus
Tenable Nessus
added 2025/11/11 12:0 a.m.3 views

SUSE SLED15: MozillaThunderbird / MozillaThunderbird-translations-common / etc (SUSE-SU-2025:4006-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4006-1 advisory. This update for MozillaThunderbird fixes the following issue: Mozilla Thunderbird is updated to...

9.8CVSS7.2AI score0.00465EPSS
Exploits0References43
OSV
OSV
added 2025/11/10 8:0 a.m.3 views

SUSE-SU-2025:4006-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issue: Mozilla Thunderbird is updated to 140.4. changed: Account Hub is now disabled by default for second email account bmo1992027 changed: Flatpak runtime has been updated to Freedesktop SDK 24.08 bmo1952100 fixed: Users could not read mail...

9.8CVSS6.3AI score0.00465EPSS
Exploits0References35
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2020-6311

Malware in sbrugna...

5.8CVSS5.5AI score0.01061EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2002-2104

Malware in sbrugna...

6.4CVSS6.4AI score0.08256EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2001-0989

Malware in sbrugna...

7.5CVSS6.4AI score0.01727EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-6620

Malicious code in bioql PyPI...

5.4CVSS5.4AI score0.00292EPSS
Exploits0References13
Vulnrichment
Vulnrichment
added 2025/08/15 12:6 p.m.8 views

CVE-2023-5342 Shim: expired secure boot certificate

The Fedora Secure Boot CA certificate shipped with shim in Fedora was expired which could lead to old or invalid signed boot components being loaded...

4.1CVSS7AI score0.00079EPSS
Exploits0References4
CVE
CVE
added 2025/08/15 12:6 p.m.29 views

CVE-2023-5342

CVE-2023-5342 affects the Fedora shim’s Secure Boot validation by an expired Fedora Secure Boot CA certificate shipped with shim. Root cause: expiration of the CA cert used to sign boot components, allowing the loading of old/invalid signed boot components. Impact: potential to load outdated or i...

4.1CVSS7AI score0.00079EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/08/14 12:0 a.m.6 views

Red Hat Enterprise Linux 安全漏洞

Red Hat Enterprise Linux is a Linux operating system for business users from Red Hat, an American company. A security vulnerability exists in Red Hat Enterprise Linux that stems from an expired certificate that could result in the loading of an invalid boot component...

4.1CVSS6.7AI score0.00079EPSS
Exploits0References5
SUSE Linux
SUSE Linux
added 2025/07/04 9:2 a.m.2 views

Security update for gpg2

This update for gpg2 fixes the following issues: gpg: Allow the use of an ADSK subkey as ADSK subkey. bsc1239119 CVE-2025-30258 Don't install expired sks certificate bsc1243069 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

2.7CVSS7.3AI score0.00179EPSS
Exploits1References8
RedhatCVE
RedhatCVE
added 2025/05/21 8:33 p.m.6 views

CVE-2002-2125

Internet Explorer 6.0 does not warn users when an expired certificate authority CA certificate is submitted to the user and a newer CA certificate is in the user's local repository, which could allow remote attackers to decrypt web sessions via a man-in-the-middle MITM attack...

6.4CVSS6.8AI score0.08256EPSS
Exploits0References1
Citrix
Citrix
added 2025/03/13 12:0 a.m.40 views

Citrix Virtual Apps and Desktops 2402 CU2 expired certificate

Citrix Virtual Apps and Desktops CVAD 2402 LTSR Cumulative Update 2 CU2 2402.0.2100 contains installers and binaries signed with a now-expired code signing certificate. File signatures are considered valid if either: A timestamp was included at the time of signing, or The certificate used for...

7.2AI score
Exploits0
OSV
OSV
added 2025/02/11 4:15 p.m.5 views

UBUNTU-CVE-2025-24807

eprosima Fast DDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group. Prior to versions 2.6.10, 2.10.7, 2.14.5, 3.0.2, 3.1.2, and 3.2.0, per design, PermissionsCA is not full chain validated, nor is the expiration date validated. Access contro...

7.1CVSS5.8AI score0.0019EPSS
Exploits0References8
OSV
OSV
added 2024/12/16 2:5 p.m.5 views

BIT-NODE-MIN-2021-22939

If the Node.js https API was used incorrectly and "undefined" was in passed for the "rejectUnauthorized" parameter, no error was returned and connections to servers with an expired certificate would have been accepted...

5.3CVSS7.5AI score0.1473EPSS
Exploits1References10
Vulnrichment
Vulnrichment
added 2024/10/31 8:25 a.m.11 views

CVE-2024-30149 HCL AppScan Source is affected by an expired TLS/SSL certificate

HCL AppScan Source = 10.6.0 does not properly validate a TLS/SSL certificate for an executable...

4.8CVSS7AI score0.00167EPSS
Exploits0References1
Rows per page
Query Builder