node-forge: Forge (node-forge): Certificate validation bypass allows unauthorized certificate issuance

A flaw was found in Forge also known as node-forge, a JavaScript implementation of Transport Layer Security TLS. The pki.verifyCertificateChain function does not properly enforce certificate validation rules. This oversight allows an intermediate certificate that lacks specific security extension...

Unity Linux 20.1060e / 20.1070e Security Update: mutt (UTSA-2026-016642)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016642 advisory. Mutt before 1.14.3 proceeds with a connection even if, in response to a GnuTLS certificate prompt, the user rejects an expired intermediate certificate. Tenable has...

wolfSSL（CyaSSL） 安全漏洞

wolfSSL CyaSSL is a small, portable embedded SSL programming library developed by the American company wolfSSL, aimed at developers working with embedded systems. wolfSSL CyaSSL contains security vulnerabilities; these vulnerabilities stem from the parsing of URI names during certificate chain...

MiracleLinux 4 : nspr-4.10.2-1.AXS4, nss-3.15.3-6.0.1.AXS4, nss-util-3.15.3-1.AXS4 (AXSA:2014-054:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-054:01 advisory. nss: Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server...

CVE-2023-5594

CVE-2023-5594 describes improper validation of the server’s certificate chain in the secure traffic scanning feature, causing intermediate certificates signed with MD5 or SHA-1 to be treated as trusted. Multiple sources (NVD, CVE List, CNNVD, PRION/PRION-like entries, and EUVD) tie this to ESET s...

SUSE CVE-2009-5138

GnuTLS before 2.7.6, when the GNUTLSVERIFYALLOWX509V1CACRT flag is not enabled, treats version 1 X.509 certificates as intermediate CAs, which allows remote attackers to bypass intended restrictions by leveraging a X.509 V1 certificate from a trusted CA to issue new certificates, a different...

SUSE CVE-2015-4680

FreeRADIUS 2.2.x before 2.2.8 and 3.0.x before 3.0.9 does not properly check revocation of intermediate CA certificates...

SUSE CVE-2020-14154

Mutt before 1.14.3 proceeds with a connection even if, in response to a GnuTLS certificate prompt, the user rejects an expired intermediate certificate...

ALPINE-CVE-2022-40617

strongSwan before 5.9.8 allows remote attackers to cause a denial of service in the revocation plugin by sending a crafted end-entity and intermediate CA certificate that contains a CRL/OCSP URL that points to a server under the attacker's control that doesn't properly respond but for example jus...

Mageia: Security Advisory (MGASA-2014-0006)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OESA-2021-1399 mutt security update

Mutt is a small but very powerful text-based mail client for Unix operating systems. Security Fixes: Mutt before 1.14.3 proceeds with a connection even if, in response to a GnuTLS certificate prompt, the user rejects an expired intermediate certificate.CVE-2020-14154...

curl security and bug fix update

7.61.1-18 - http: send payload when proxy authentication is done 1918692 - curl: Inferior OCSP verification CVE-2020-8286 - libcurl: FTP wildcard stack overflow CVE-2020-8285 - curl: trusting FTP PASV responses CVE-2020-8284 7.61.1-17 - validate an ssl connection using an intermediate certificate...

USN-4401-1 mutt vulnerabilities

It was discovered that Mutt incorrectly handled certain requests. An attacker could possibly use this issue to enable MITM attacks. CVE-2020-14093 It was discovered that Mutt incorrectly handled certain requests. An attacker could possibly use this issue to proceeds with a connection even if the...

CVE-2020-14154

Mutt before 1.14.3 proceeds with a connection even if, in response to a GnuTLS certificate prompt, the user rejects an expired intermediate certificate...

DEBIAN-CVE-2020-14154

Mutt before 1.14.3 proceeds with a connection even if, in response to a GnuTLS certificate prompt, the user rejects an expired intermediate certificate...

CVE-2020-14154

Mutt before 1.14.3 proceeds with a connection even if, in response to a GnuTLS certificate prompt, the user rejects an expired intermediate certificate...

UBUNTU-CVE-2020-14154

Mutt before 1.14.3 proceeds with a connection even if, in response to a GnuTLS certificate prompt, the user rejects an expired intermediate certificate...

CVE-2020-14154

Mutt before 1.14.3 proceeds with a connection even if, in response to a GnuTLS certificate prompt, the user rejects an expired intermediate certificate...

The XenMobile server is not sending the required intermediate certificate

Whenever verifying the certificate for XenMobile on https://www.digicert.com/help/ you get the following: The server is not sending the required intermediate certificate...

DEBIAN-CVE-2015-4680

FreeRADIUS 2.2.x before 2.2.8 and 3.0.x before 3.0.9 does not properly check revocation of intermediate CA certificates...