Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 1:45 p.m.7 views

CVE-2014-9593

Apache CloudStack before 4.3.2 and 4.4.x before 4.4.2 allows remote attackers to obtain private keys via a listSslCerts API call...

5CVSS7AI score0.03184EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/08 6:0 a.m.17 views

CVE-2024-1076 SSL Zen <= 4.5.3 - Unauthenticated Private Keys Access

The SSL Zen WordPress plugin before 4.6.0 does not properly prevent directory listing of the private keys folder, as it only relies on the use of .htaccess to prevent visitors from accessing the site's generated private keys, which allows an attacker to read them if the site runs on a server who...

6.1AI score0.00413EPSS
Exploits2References1
WPVulnDB
WPVulnDB
added 2024/04/17 12:0 a.m.16 views

SSL Zen <= 4.5.3 - Unauthenticated Private Keys Access

Description The plugin only relies on the use of .htaccess to prevent visitors from accessing the site's generated private keys, which allows an attacker to read them if the site runs on a server who doesn't support .htaccess files, like NGINX. PoC Install the plugin on a server that doesn't...

6.2AI score0.00413EPSS
Exploits2Affected Software1
NCSC
NCSC
added 2021/08/25 12:0 a.m.3 views

Vulnerabilities fixed in OpenSSL

The developers of OpenSSL have fixed two vulnerabilities. The vulnerabilities allow an unauthenticated remote malicious person to remotely able to cause a denial-of-service, or potentially gain access to sensitive data, including possibly private keys currently actively in use on the system. Misu...

9.8CVSS8.4AI score0.87816EPSS
Exploits1
Rows per page
Query Builder