839 matches found
CVE-2026-33799 Junos OS and Junos OS Evolved: Receipt of a specific SNMPv3 request results in memory leak and eventual snmpd crash
An Out-of-bounds Write vulnerability in the SNMP daemon snmpd of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated network-based attacker sending specific valid SNMPv3 queries to trigger a memory leak. Over time, continuous receipt of these queries will result in snmpd proces...
CVE-2026-13211
The genucenter web interface before version 8.0p11 unnecessarily exposes sensitive SNMP authentication and encryption keys in its HTTP responses to users with the “Service” or “Admin” role...
EUVD-2026-39654
In JetBrains YouTrack before 2026.2.16593 project settings disclosure via the MCP was possible...
CVE-2026-39006
CVE-2026-39006 concerns SNMP4J-Agent 3.8.3 where a remote attacker can execute arbitrary code via the snmp4jCfgStoragePath component. Documented impact is critical (CVSS v3.1: 9.8) with network discovery and no user interaction required; exploitation status is not provided in the supplied sources...
PT-2026-49299
Name of the Vulnerable Software and Affected Versions SNMP4J-Agent version 3.8.3 Description A remote attacker can execute arbitrary code through the snmp4jCfgStoragePath component. Recommendations At the moment, there is no information about a newer version that contains a fix for this...
SUSE CVE-2026-42769
Issue Summary: An error in the callback used to verify the certificate provided in a Root CA key update Certificate Management Protocol CMP message response rendered the certificate validation ineffectual, which could lead to escalation of credentials from the Registration Authority RA level to t...
openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate
A flaw was found in the Certificate Management Protocol CMP implementation within OpenSSL. An attacker with existing Registration Authority RA level credentials could exploit an error in the certificate verification process during a Root Certificate Authority CA key update. This vulnerability...
openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption
A flaw was found in OpenSSL. An attacker controlling a Certificate Management Protocol CMP server, or acting as a man-in-the-middle, could craft a malicious CMP response. This response, containing a Certificate Request Message Format CRMF CertRepMessage with a specific malformed EncryptedValue...
openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate
A flaw was found in the Certificate Management Protocol CMP implementation within OpenSSL. An attacker with existing Registration Authority RA level credentials could exploit an error in the certificate verification process during a Root Certificate Authority CA key update. This vulnerability...
openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption
A flaw was found in OpenSSL. An attacker controlling a Certificate Management Protocol CMP server, or acting as a man-in-the-middle, could craft a malicious CMP response. This response, containing a Certificate Request Message Format CRMF CertRepMessage with a specific malformed EncryptedValue...
CVE-2026-42769
A flaw was found in the Certificate Management Protocol CMP implementation within OpenSSL. An attacker with existing Registration Authority RA level credentials could exploit an error in the certificate verification process during a Root Certificate Authority CA key update. This vulnerability...
CVE-2026-42767
A flaw was found in OpenSSL. An attacker controlling a Certificate Management Protocol CMP server, or acting as a man-in-the-middle, could craft a malicious CMP response. This response, containing a Certificate Request Message Format CRMF CertRepMessage with a specific malformed EncryptedValue...
Linux Distros Unpatched Vulnerability : CVE-2026-42767
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: An attacker-controlled CMP Certificate Management Protocol server could trigger a NULL pointer dereference in a CMP client application. Impact...
Linux Distros Unpatched Vulnerability : CVE-2026-42769
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue Summary: An error in the callback used to verify the certificate provided in a Root CA key update Certificate Management Protocol CMP message response...
EUVD-2026-35484
Issue summary: An attacker-controlled CMP Certificate Management Protocol server could trigger a NULL pointer dereference in a CMP client application. Impact summary: A NULL pointer dereference causes a crash of the application and a Denial of Service. An attacker controlling a CMP server or acti...
EUVD-2026-35486
Issue Summary: An error in the callback used to verify the certificate provided in a Root CA key update Certificate Management Protocol CMP message response rendered the certificate validation ineffectual, which could lead to escalation of credentials from the Registration Authority RA level to t...
CVE-2026-42767
Issue summary: An attacker-controlled CMP Certificate Management Protocol server could trigger a NULL pointer dereference in a CMP client application. Impact summary: A NULL pointer dereference causes a crash of the application and a Denial of Service. An attacker controlling a CMP server or acti...
ALPINE-CVE-2026-42769
Issue Summary: An error in the callback used to verify the certificate provided in a Root CA key update Certificate Management Protocol CMP message response rendered the certificate validation ineffectual, which could lead to escalation of credentials from the Registration Authority RA level to t...
CVE-2026-42769 Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate
Issue Summary: An error in the callback used to verify the certificate provided in a Root CA key update Certificate Management Protocol CMP message response rendered the certificate validation ineffectual, which could lead to escalation of credentials from the Registration Authority RA level to t...
CVE-2026-42769 Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate
Issue Summary: An error in the callback used to verify the certificate provided in a Root CA key update Certificate Management Protocol CMP message response rendered the certificate validation ineffectual, which could lead to escalation of credentials from the Registration Authority RA level to t...