Lucene search
K

57 matches found

RedHat Linux
RedHat Linux
added 2023/02/06 7:42 p.m.6 views

Mozilla: Revocation status of S/Mime signature certificates was not checked

The Mozilla Foundation Security Advisory describes this flaw as: Certificate OCSP revocation status was not checked when verifying S/Mime signatures. Mail signed with a revoked certificate would be displayed as having a valid signature. Thunderbird versions from 68 to 102.7.0 were affected by thi...

6.5CVSS7.3AI score0.00372EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/01/19 12:0 a.m.3 views

Dell EMC Storage信任管理问题漏洞

A security vulnerability exists in Dell EMC Storage, a data storage solution from Dell, U.S.A. The vulnerability stems from incorrect certificate revocation checks. An attacker could use the vulnerability to perform a man-in-the-middle attack and eavesdrop on encrypted communications from a cloud...

7CVSS6.7AI score0.00248EPSS
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2022/03/04 5:12 a.m.7 views

i-FILTER vulnerable to improper check for certificate revocation

Overview i-FILTER provided by Digital Arts Inc. is vulnerable to improper check for certificate revocation CWE-299 . Digital Arts Inc. reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and Digital Arts Inc. coordinated under the Information Security Early...

4.8CVSS6.5AI score0.00969EPSS
Exploits0References9
OSV
OSV
added 2021/07/19 5:15 p.m.1 views

DEBIAN-CVE-2020-36425

An issue was discovered in Arm Mbed TLS before 2.24.0. It incorrectly uses a revocationDate check when deciding whether to honor certificate revocation via a CRL. In some situations, an attacker can exploit this by changing the local clock...

5.3CVSS6AI score0.00907EPSS
Exploits1References1
OSV
OSV
added 2021/02/04 11:2 a.m.2 views

OESA-2021-1004 curl security update

cURL is a computer software project providing a library libcurl and command-line tool curl for transferring data using various protocols.\r\n\r\n Security Fixes:\r\n\r\n Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending...

7.5CVSS7AI score0.09917EPSS
Exploits3References5
NVD
NVD
added 2020/09/11 4:15 p.m.16 views

CVE-2020-25276

An issue was discovered in PrimeKey EJBCA 6.x and 7.x before 7.4.1. When using a client certificate to enroll over the EST protocol, no revocation check is performed on that certificate. This vulnerability can only affect a system that has EST configured, uses client certificates to authenticate...

7.3CVSS0.00491EPSS
Exploits0References1
OSV
OSV
added 2020/09/11 4:15 p.m.5 views

CVE-2020-25276

An issue was discovered in PrimeKey EJBCA 6.x and 7.x before 7.4.1. When using a client certificate to enroll over the EST protocol, no revocation check is performed on that certificate. This vulnerability can only affect a system that has EST configured, uses client certificates to authenticate...

7.3CVSS7.1AI score0.00491EPSS
Exploits0References1
CVE
CVE
added 2020/09/11 3:15 p.m.40 views

CVE-2020-25276

PrimeKey EJBCA 6.x and 7.x prior to 7.4.1 is affected. When enrolling via EST using a client certificate, revocation checks are not performed on that certificate, only impacting systems with EST configured and where the revoked certificate is in a role authorized to enroll new end entities. Remed...

7.3CVSS7AI score0.00491EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2020/09/11 1:15 p.m.5 views

CVE-2020-16228

In Patient Information Center iX PICiX Versions C.02 and C.03, PerformanceBridge Focal Point Version A.01, IntelliVue patient monitors MX100, MX400-MX550, MX750, MX850, and IntelliVue X3 Versions N and prior, the software does not check or incorrectly checks the revocation status of a certificate...

6.4CVSS5.8AI score0.00371EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2020/09/11 12:0 a.m.4 views

PT-2020-16057 · Primekey · Primekey Ejbca

Name of the Vulnerable Software and Affected Versions: PrimeKey EJBCA versions 6.x through 7.4.0 Description: An issue was discovered where no revocation check is performed on a client certificate when enrolling over the EST protocol. This can affect systems with EST configured, using client...

7.3CVSS7.1AI score0.00491EPSS
Exploits0References3
OSV
OSV
added 2019/11/26 4:15 a.m.2 views

DEBIAN-CVE-2019-19270

An issue was discovered in tlsverifycrl in ProFTPD through 1.3.6b. Failure to check for the appropriate field of a CRL entry checking twice for subject, rather than once for subject and once for issuer prevents some valid CRLs from being taken into account, and can allow clients whose certificate...

7.5CVSS6AI score0.01014EPSS
Exploits0References1
OSV
OSV
added 2018/07/31 1:29 p.m.2 views

DEBIAN-CVE-2018-8019

When using an OCSP responder Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 did not correctly handle invalid responses. This allowed for revoked client certificates to be incorrectly identified. It was therefore possible for users to authenticate with revoked certificates when using...

7.4CVSS7.3AI score0.04068EPSS
Exploits0References1
OSV
OSV
added 2017/04/05 5:59 p.m.6 views

UBUNTU-CVE-2015-4680

FreeRADIUS 2.2.x before 2.2.8 and 3.0.x before 3.0.9 does not properly check revocation of intermediate CA certificates...

7.5CVSS7.3AI score0.01791EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2013/04/09 12:0 a.m.33 views

Fedora 18 : openstack-keystone-2012.2.3-5.fc18 (2013-4590)

Fix online revocation check for PKI tokens CVE-2013-1865 Add openssl dependency for PKI tokens Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possibl...

6.8CVSS5.3AI score0.02608EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2012/08/26 3:17 a.m.3 views

CVE-2011-5123

The Antivirus component in Comodo Internet Security before 5.3.175888.1227 does not check whether X.509 certificates in signed executable files have been revoked, which has unknown impact and remote attack vectors...

10CVSS5.5AI score0.01221EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2012/08/26 3:17 a.m.1 views

CVE-2011-5121

The Antivirus component in Comodo Internet Security before 5.3.175888.1227 does not properly check whether unspecified X.509 certificates are revoked, which has unknown impact and remote attack vectors...

10CVSS5.5AI score0.01221EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2009/09/01 12:0 a.m.27 views

Opera < 10.00 Multiple Vulnerabilities

Binary data 5146.prm...

7.5CVSS7.3AI score0.02221EPSS
Exploits0References6
Rows per page
Query Builder