40 matches found
CVE-2026-47838
SubjectDnX509PrincipalExtractor does not correctly handle certain malformed X.509 certificate CN values, which can lead to reading the wrong value for the username. In a carefully crafted certificate, this can lead to an attacker impersonating another user. Affected versions: Spring Security 5.7....
PT-2026-34251
Vulnerability in Spring Spring Security. SubjectX500PrincipalExtractor does not correctly handle certain malformed X.509 certificate CN values, which can lead to reading the wrong value for the username. In a carefully crafted certificate, this can lead to an attacker impersonating another user...
CVE-2026-27586
Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, two swallowed errors in ClientAuthentication.provision cause mTLS client certificate authentication to silently fail open when a CA certificate file is missing, unreadable, or malformed. The server starts...
CVE-2026-27586 Caddy's mTLS client authentication silently fails open when CA certificate file is missing or malformed
Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, two swallowed errors in ClientAuthentication.provision cause mTLS client certificate authentication to silently fail open when a CA certificate file is missing, unreadable, or malformed. The server starts...
EUVD-2006-5096
Malware in sbrugna...
EUVD-2014-1721
Malware in sbrugna...
CVE-2025-54777
An uncaught exception issue exists in multiple products in the bizhub series. If a malformed file is imported as an S/MIME Email certificate, it may cause a denial-of-service issue that disables the Web Connection feature...
PT-2025-35192
Name of the Vulnerable Software and Affected Versions: bizhub series (affected versions not specified). Description: An uncaught exception issue exists that may cause a denial-of-service by disabling the Web Connection feature when a malformed file is imported as an S/MIME Email certificate...
DEBIAN-CVE-2024-45238
An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a trusted Trust Anchor can serve via rsync or RRDP a resource certificate containing a bit string that doesn't properly decode into a Subject Public Key. OpenSSL does not report this problem during parsin...
Duplicate Advisory: phpseclib: guardrails needed on isPrime and randomPrime
Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-2528-jw5q-ww88. This link is maintained to preserve external references. Original Description: An issue was discovered in phpseclib 1.x before 1.0.23, 2.x before 2.0.47, and 3.x before 3.0.36. An attacker can...
CVE-2024-27354
An issue was discovered in phpseclib 1.x before 1.0.23, 2.x before 2.0.47, and 3.x before 3.0.36. An attacker can construct a malformed certificate containing an extremely large prime to cause a denial of service (CPU consumption) for an isPrime primality check. NOTE: this issue was introduced when...
CVE-2024-27354
CVE-2024-27354 affects phpseclib 1.x < 1.0.23, 2.x < 2.0.47, and 3.x
phpseclib security vulnerability
phpseclib is a PHP secure communication library open-sourced by phpseclib. A security vulnerability exists in phpseclib versions prior to 1.0.23, 2.0.47, and 3.0.36, which stems from a denial of service that allows an attacker to construct an incorrectly-formatted certificate containing a very...
ALPINE-CVE-2024-0727
Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash, leading to a potential Denial of Service attack. Impact summary: Applications loading files in the PKCS12 format from untrusted sources might terminate abruptly. A file in PKCS12 format can contain certificates...
Security Bulletin: Potential SSL/TLS-related denial of service vulnerability in GSKit used with IBM Informix Client Software Development Kit (CSDK) (CVE-2013-6747)
Summary: An SSL/TLS connection initiated using a malformed certificate chain from a Client or Server could contain a circular reference. The circular reference can cause the chain building logic to loop and lead to an engine crash or an engine hang when it runs out of memory. Vulnerability Details...
Denial Of Service (DoS)
nss is vulnerable to denial of service (DoS). The vulnerability exists through a malformed Netscape certificate sequence,...