StrongSwan security vulnerabilities
strongSwan is an open-source VPN solution based on IPsec, developed by Andreas Steffen of Switzerland. This solution includes X.509 public key certificates, secure storage of private keys, and authentication mechanisms such as smart cards. strongSwan has security vulnerabilities, which stem from...
[SECURITY] Fedora 44 Update: nss-3.121.0-1.fc44
Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security...
Panic when validating certificates with DSA public keys in crypto/x509
...
ALSA-2025:15874 Moderate: python-cryptography security update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...
Moderate: Red Hat Security Advisory: python-cryptography security update
An update for python-cryptography is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
PT-2025-1382 · Openssl · Openssl
Name of the Vulnerable Software and Affected Versions: Data Distribution Service (DDS), affected versions not specified. Description: The issue allows an attacker to compromise and gain full control of a secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS7...
strongSwan Security Vulnerabilities
strongSwan is an open-source IPsec-based VPN solution for the Linux platform, developed by Andreas Steffen, an individual developer in Switzerland. The solution includes authentication mechanisms such as X.509 public key certificates, secure storage of private keys, and smart cards. A security vulnerability exists in...
The vulnerability in the Kafka message and section management package for the Cortex XSOAR security orchestration, automation, and response platform lies in the unencrypted storage of key certificates, allowing attackers to gain unauthorized access to protected information.
The vulnerability in the Kafka message and section management package for the Cortex XSOAR security orchestration, automation, and response platform is related to the unencrypted storage of key certificates. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to...
golang: crypto/tls: slow verification of certificate chains containing large RSA keys
A denial of service vulnerability was found in the Golang Go package caused by an uncontrolled resource consumption flaw. By persuading a victim to use a specially crafted certificate with large RSA keys, a remote attacker can cause a client/server to expend significant CPU time verifying...
strongSwan trust management issue vulnerability
strongSwan is an open-source IPsec-based VPN solution for Linux platforms, developed by Andreas Steffen, an individual developer in Switzerland. The solution includes authentication mechanisms such as X.509 public key certificates, secure storage of private keys, and smart cards. strongSwan versions prio...
The vulnerability of the XWiki Crypto API interface of the XWiki Platform, a platform for creating collaborative web applications, allows a perpetrator to execute arbitrary code.
The vulnerability of the XWiki Crypto API interface of the XWiki Platform, a platform for creating collaborative web applications, is related to the generation of X509 certificates, which are signed by default using SHA1. Exploiting this vulnerability could allow a malicious actor to execute...
Digital COVID Certificates trust management issue vulnerability
Digital COVID Certificates is a digital COVID certificate for the European Union, designed to help facilitate the free movement and travel of EU citizens and non-EU nationals within the EU. A security vulnerability exists in Digital COVID Certificates that stems from the product allowing the use ...
Code injection
When a user downloads PGP or S/MIME keys/certificates, the exported file has the same name for private and public keys. It is therefore possible to mix them up and send the private key to a third party instead of the public key. This issue affects OTRS Community Edition: 5.0.42 and prior versions, 6.0.27 and prio...
The vulnerability in the firmware of Cisco RV320 and Cisco RV325 lies in the presence of a hard-coded X.509 certificate public/private key pair and a static SSH host key, which allows an attacker to elevate their privileges.
The vulnerability in the firmware of Cisco RV320 and Cisco RV325 routers is related to the presence of a hard-coded X.509 certificate public/private key pair and a static SSH host key. Exploiting this vulnerability allows an attacker operating remotely to elevate their privileges...
The vulnerability in the Firefox ESR software allows a malicious individual to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability exists in Mozilla's Network Security Services (NSS) library for Mozilla Firefox ESR due to incorrect processing of ASN.1 values in X.509 certificates. Exploiting this vulnerability allows malicious actors to replace RSA signatures with specially crafted certificates. This...
The vulnerability in the Thunderbird software allows a malicious actor to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability exists in Mozilla's Network Security Services (NSS) library, applicable to Mozilla Firefox, Mozilla Firefox ESR, Mozilla Thunderbird, Mozilla SeaMonkey, Google Chrome, and Google Chrome OS. It stems from improper handling of ASN.1 values in X.509 certificates. Exploiting this...
Noke - Certificates or keys found, Customized SSL, External URLs vulnerabilities
HackApp vulnerability scanner discovered that application Noke published at the 'play' market has multiple vulnerabilities...
DEBIAN-CVE-2013-1740
The sslDo1stHandshake function in sslsecur.c in libssl in Mozilla Network Security Services (NSS) before 3.15.4, when the TLS False Start feature is enabled, allows man-in-the-middle attackers to spoof SSL servers by using an arbitrary X.509 certificate during certain handshake traffic...