Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

UbuntuCve
UbuntuCveadded 2025/03/21 3:15 p.m.25 views

CVE-2021-25635

An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to self sign an ODF document, with a signature untrusted by the target, then modify it to change the signature algorithm to an invalid or unknown to LibreOffice algorithm and LibreOffice would incorrectly present...

5.5CVSS7.2AI score0.00045EPSS
Exploits0References3
Securelist
Securelistadded 2020/04/02 10:0 a.m.69 views

Loncom packer: from backdoors to Cobalt Strike

The previous story described an unusual way of distributing malware under disguise of an update for an expired security certificate. After the story went out, we conducted a detailed analysis of the samples we had obtained, with some interesting findings. All of the malware we examined from the...

7.3AI score
Exploits0
seebug.org
seebug.orgadded 2014/07/01 12:0 a.m.16 views

Microsoft Crypto API X.509 Certificate Validation - Remote Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28548/info Microsoft's Crypto API library is prone to an information-disclosure vulnerability because HTTP requests to arbitrary hosts and ports may be automatically triggered when validating X.509 certificates. Successfu...

7.1AI score
Exploits0
Prion
Prionadded 2008/07/07 11:41 p.m.18 views

Design/Logic Flaw

Microsoft Crypto API 5.131.2600.2180 through 6.0, as used in Outlook, Windows Live Mail, and Office 2007, performs Certificate Revocation List CRL checks by using an arbitrary URL from a certificate embedded in a 1 S/MIME e-mail message or 2 signed document, which allows remote attackers to obtai...

7.5CVSS7.1AI score0.12634EPSS
Exploits0References14Affected Software17
NVD
NVDadded 2008/07/07 11:41 p.m.17 views

CVE-2008-3068

Microsoft Crypto API 5.131.2600.2180 through 6.0, as used in Outlook, Windows Live Mail, and Office 2007, performs Certificate Revocation List CRL checks by using an arbitrary URL from a certificate embedded in a 1 S/MIME e-mail message or 2 signed document, which allows remote attackers to obtai...

7.5CVSS6.6AI score0.12634EPSS
Exploits0References14
CVE
CVEadded 2008/07/07 11:0 p.m.57 views

CVE-2008-3068

Microsoft Crypto API 5.131.2600.2180 through 6.0 (used in Outlook, Windows Live Mail, and Office 2007) performs CRL checks by using an arbitrary URL from a certificate embedded in an S/MIME email or a signed document via the Authority Information Access (AIA) extension. This allows remote attacke...

7.5CVSS6.7AI score0.12634EPSS
Exploits0References14Affected Software17
securityvulns
securityvulnsadded 2005/04/07 12:0 a.m.21 views

Computer Associates eTrust Intrusion Detection IDS DoS

Buffer overflow on Microsoft Crypto API CPImportKey call...

3.8AI score
Exploits0References1Affected Software1
securityvulns
securityvulnsadded 2005/04/06 12:0 a.m.27 views

iDEFENSE Security Advisory 04.05.05: Computer Associates eTrust Intrusion Detection System CPImportKey DoS

Computer Associates eTrust Intrusion Detection System CPImportKey Denial of Service Vulnerability iDEFENSE Security Advisory 04.05.05 www.idefense.com/application/poi/display?id=223&type=vulnerabilities April 05, 2005 I. BACKGROUND Computer Associates International, Inc.'s CA eTrust Intrusion...

0.3AI score
Exploits0
Rows per page
Query Builder