10 matches found
EUVD-2020-18369
Malware in sbrugna...
EUVD-2019-2206
Malware in sbrugna...
EUVD-2019-2184
Malware in sbrugna...
EUVD-2020-12554
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2020-1696
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the all pki-core 10.x.x versions, where Token Processing Service TPS where it did not properly sanitize Profile IDs, enabling a Stored...
RHEL 7 : pki-core (RHSA-2025:2426)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:2426 advisory. The Public Key Infrastructure PKI Core contains fundamental packages required by Red Hat Certificate System. Security Fixes: jquery: Untrusted code...
AlmaLinux 9 : pki-core (ALSA-2024:4165)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:4165 advisory. dogtag ca: token authentication bypass vulnerability CVE-2023-4727 Tenable has extracted the preceding description block directly from the AlmaLinux security...
Information Disclosure
pki-core is vulnerable to Information Disclosure. An attacker is able to retrieve the content of arbitrary files by sending specially crafted HTTP requests causing xml external entity attacks...
Cross site scripting
A Reflected Cross Site Scripting vulnerability was found in all pki-core 10.x.x versions, where the pki-ca module from the pki-core server. This flaw is caused by missing sanitization of the GET URL parameters. An attacker could abuse this flaw to trick an authenticated user into clicking a...
CVE-2019-10178
It was found that the Token Processing Service TPS did not properly sanitize the Token IDs from the "Activity" page, enabling a Stored Cross Site Scripting XSS vulnerability. An unauthenticated attacker could trick an authenticated victim into creating a specially crafted activity, which would...