Lucene search
K

8 matches found

Positive Technologies
Positive Technologies
added 2026/03/02 12:0 a.m.4 views

PT-2026-22574

Name of the Vulnerable Software and Affected Versions CGM CLININET system affected versions not specified Description The CGM CLININET system uses smart card authentication, but authentication happens locally on the client device. Instead of verifying the smart card and private key, only the...

9CVSS5.8AI score0.00186EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/09/03 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2024-38825

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The salt.auth.pki module does not properly authenticate callers. The password field contains a public certificate which is validated against a CA certificate by...

6.4CVSS5.5AI score0.00132EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2025/06/13 7:15 a.m.3 views

CVE-2024-38825

The salt.auth.pki module does not properly authenticate callers. The "password" field contains a public certificate which is validated against a CA certificate by the module. This is not pki authentication, as the caller does not need access to the corresponding private key for the authentication...

6.4CVSS7.4AI score0.00132EPSS
Exploits0References2
OSV
OSV
added 2025/06/13 7:15 a.m.4 views

UBUNTU-CVE-2024-38825

The salt.auth.pki module does not properly authenticate callers. The "password" field contains a public certificate which is validated against a CA certificate by the module. This is not pki authentication, as the caller does not need access to the corresponding private key for the authentication...

6.4CVSS5.8AI score0.00132EPSS
Exploits0References4
OSV
OSV
added 2024/01/23 1:15 a.m.4 views

CVE-2024-23218

A timing side-channel issue was addressed with improvements to constant-time computation in cryptographic functions. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An attacker may be able to decrypt legacy RSA PKCS1 v1.5 ciphertexts without having the...

5.9CVSS5.7AI score0.01001EPSS
Exploits0References16
CNNVD
CNNVD
added 2024/01/22 12:0 a.m.5 views

Apple tvOS Security Breach

Apple tvOS is a smart TV operating system from Apple. A security vulnerability exists in Apple tvOS version 17.3, which allows an attacker to decrypt old RSA PKCS ciphertexts without a private key...

5.9CVSS6.5AI score0.01001EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2021/12/13 3:29 p.m.3 views

golang: crypto/tls: certificate of wrong type is causing TLS client to panic

A flaw was found in golang. A panic can be triggered by an attacker in a privileged network position without access to the server certificate's private key, as long as a trusted ECDSA or Ed25519 certificate for the server exists or can be issued, or the client is configured with...

6.5CVSS7.1AI score0.06975EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2021/11/17 3:38 p.m.5 views

golang: crypto/tls: certificate of wrong type is causing TLS client to panic

A flaw was found in golang. A panic can be triggered by an attacker in a privileged network position without access to the server certificate's private key, as long as a trusted ECDSA or Ed25519 certificate for the server exists or can be issued, or the client is configured with...

6.5CVSS7.1AI score0.06975EPSS
Exploits1References6
Rows per page
Query Builder