Lucene search
+L

41 matches found

osv
osv
added 2026/06/25 8:17 p.m.4 views

DEBIAN-CVE-2026-55964

Chain intermediate CA:TRUE without keyCertSign accepted as a signing CA. Intermediate CA certificates are required to have the keyCertSign key usage when a Key Usage extension is present, but chain-supplied temporary CAs WOLFSSLTEMPCA added while building a certificate path were previously exempt...

5.3CVSS5.8AI score0.00118EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/06/25 12:0 a.m.15 views

PT-2026-52573

Name of the Vulnerable Software and Affected Versions wolfSSL affected versions not specified Description An issue exists where chain intermediate certificates asserting CA:TRUE but lacking the keyCertSign key usage were accepted as signing CAs. This occurs because chain-supplied temporary CAs...

6.3CVSS5.8AI score0.00118EPSS
Exploits0References5
euvd
euvd
added 2025/10/07 12:30 a.m.9 views

EUVD-2002-1390

Malware in sbrugna...

7.5CVSS6.4AI score0.01057EPSS
Exploits1References5
euvd
euvd
added 2025/10/07 12:30 a.m.4 views

EUVD-2009-5093

Malware in sbrugna...

5.8CVSS6AI score0.01814EPSS
Exploits1References18
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2016-0829

Malware in sbrugna...

5.9CVSS6.2AI score0.00268EPSS
Exploits0References5
f5
f5
added 2023/02/21 6:52 p.m.20 views

K14903688: BIG-IP SSL Profile OCSP Authentication security exposure

Security Advisory Description The BIG-IP system does not properly verify the revocation of intermediate CA certificates when querying Online Certificate Status Protocol OCSP servers and may allow unauthorized connections. This issue occurs when all of the following conditions are met: You have a...

6.5AI score
Exploits0
openvas
openvas
added 2021/06/09 12:0 a.m.8 views

SUSE: Security Advisory (SUSE-SU-2013:1920-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
nessus
nessus
added 2020/06/18 12:0 a.m.30 views

SUSE SLED15 / SLES15 Security Update : gnutls (SUSE-SU-2020:1584-1)

This update for gnutls fixes the following issues : CVE-2020-13777: Fixed an insecure session ticket key construction which could have made the TLS server to not bind the session ticket encryption key with a value supplied by the application until the initial key rotation, allowing an attacker to...

7.4CVSS7.5AI score0.17507EPSS
Exploits3References5
nessus
nessus
added 2020/06/11 12:0 a.m.30 views

openSUSE Security Update : gnutls (openSUSE-2020-790)

This update for gnutls fixes the following issues : - CVE-2020-13777: Fixed an insecure session ticket key construction which could have made the TLS server to not bind the session ticket encryption key with a value supplied by the application until the initial key rotation, allowing an attacker ...

7.4CVSS7.5AI score0.17507EPSS
Exploits3References3
akamaiblog
akamaiblog
added 2019/12/19 8:30 p.m.101 views

Inspecting TLS Web Traffic - Part 2

In the first blog post I covered why HTTPS web traffic has grown to unprecedented levels, provided a TLS primer and looked at the basic concept of intercepting and inspecting HTTPS web traffic with Man-In-The-Middle techniques MITM. In the second part, I will dive a bit deeper into how the TLS MI...

0.3AI score
Exploits0
nessus
nessus
added 2018/03/09 12:0 a.m.35 views

SUSE SLES12 Security Update : squid (SUSE-SU-2018:0636-1)

This update for squid fixes the following issues: Security issues fixed : - CVE-2018-1000024: DoS fix caused by incorrect pointer handling when processing ESI responses. This affects the default custom esiparser bsc1077003. - CVE-2018-1000027: DoS fix caused by incorrect pointer handing whien...

7.5CVSS6.6AI score0.13149EPSS
Exploits0References7
nessus
nessus
added 2018/02/05 12:0 a.m.35 views

Debian DLA-1266-1 : squid3 security update

Squid, a high-performance proxy caching server for web clients, has been found vulnerable to denial of service attacks associated with ESI response processing and intermediate CA certificate downloading. CVE-2018-1000024 Incorrect pointer handling resulted in the ability of a remote server to...

7.5CVSS6.5AI score0.13149EPSS
Exploits0References4
debian
debian
added 2018/02/02 2:42 p.m.39 views

[SECURITY] [DLA 1266-1] squid3 security update

Package : squid3 Version : 3.1.20-2.2+deb7u8 CVE ID : CVE-2018-1000024 CVE-2018-1000027 Debian Bug : 888719 888720 Squid, a high-performance proxy caching server for web clients, has been found vulnerable to denial of service attacks associated with ESI response processing and intermediate CA...

7.5CVSS6.7AI score0.13149EPSS
Exploits0
cvelist
cvelist
added 2017/04/05 5:0 p.m.30 views

CVE-2015-4680

FreeRADIUS 2.2.x before 2.2.8 and 3.0.x before 3.0.9 does not properly check revocation of intermediate CA certificates...

7.5AI score0.01791EPSS
Exploits0References7
threatpost
threatpost
added 2017/02/22 1:41 p.m.18 views

Intermediate CA Caching Could Be Used to Fingerprint Firefox Users

The way that Firefox caches intermediate CA certificates could open the door to the fingerprinting of users and the leaking of browsing details, a researcher warned this week. Alexander Klink, a security researcher based in Germany, discovered the issue and reported it to Mozilla in January but...

7.4AI score
Exploits0References11
ubuntucve
ubuntucve
added 2016/03/12 9:59 p.m.30 views

CVE-2016-0818

The caching functionality in the TrustManagerImpl class in TrustManagerImpl.java in Conscrypt in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 mishandles the distinction between an intermediate CA and a trusted root CA, which allows man-in-the-middle attackers to...

5.9CVSS6.6AI score0.00268EPSS
Exploits0References2
prion
prion
added 2016/03/12 9:59 p.m.21 views

Design/Logic Flaw

The caching functionality in the TrustManagerImpl class in TrustManagerImpl.java in Conscrypt in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 mishandles the distinction between an intermediate CA and a trusted root CA, which allows man-in-the-middle attackers to...

4.3CVSS6.8AI score0.00268EPSS
Exploits0References4Affected Software1
osv
osv
added 2016/03/12 9:59 p.m.3 views

UBUNTU-CVE-2016-0818

The caching functionality in the TrustManagerImpl class in TrustManagerImpl.java in Conscrypt in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 mishandles the distinction between an intermediate CA and a trusted root CA, which allows man-in-the-middle attackers to...

5.9CVSS6.6AI score0.00268EPSS
Exploits0References3
cve
cve
added 2016/03/12 9:0 p.m.55 views

CVE-2016-0818

The CVE affects Conscrypt’s TrustManagerImpl on Android, where caching mishandles the distinction between an intermediate CA and a trusted root CA. Affected: Android/Conscrypt versions: 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01. Impact: enables MITM by exploiting an int...

5.9CVSS5.6AI score0.00268EPSS
Exploits0References4Affected Software1
cvelist
cvelist
added 2016/03/12 9:0 p.m.27 views

CVE-2016-0818

The caching functionality in the TrustManagerImpl class in TrustManagerImpl.java in Conscrypt in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 mishandles the distinction between an intermediate CA and a trusted root CA, which allows man-in-the-middle attackers to...

5.7AI score0.00268EPSS
Exploits0References4
Rows per page
Query Builder