17 matches found
EUVD-2015-6929
Malware in sbrugna...
EUVD-2015-5840
Malware in sbrugna...
EUVD-2025-0008
Malicious code in bioql PyPI...
Mozilla: Revocation status of S/Mime signature certificates was not checked
The Mozilla Foundation Security Advisory describes this flaw as: Certificate OCSP revocation status was not checked when verifying S/Mime signatures. Mail signed with a revoked certificate would be displayed as having a valid signature. Thunderbird versions from 68 to 102.7.0 were affected by thi...
SUSE-SU-2022:4185-1 Security update for strongswan
This update for strongswan fixes the following issues: - CVE-2022-40617: Fixed that using untrusted URIs for revocation checking could lead to denial of service (bsc#1203556)...
SUSE-SU-2022:4159-1 Security update for strongswan
This update for strongswan fixes the following issues: - CVE-2022-40617: Fixed that using untrusted URIs for revocation checking could lead to denial of service (bsc#1203556)...
GitHub Security Lab: CodeQL query for disabled revocation checking
This bug was reported directly to GitHub Security Lab...
SUSE-SU-2017:1777-1 Security update for freeradius-server
This update for freeradius-server fixes the following issues: - CVE-2017-9148: Disable OpenSSL's internal session cache to mitigate authentication bypass (bnc#1041445). - CVE-2015-4680: Add a configuration option to allow checking of all intermediate certificates for revocations (bnc#935573). The...
CVE-2015-6997
The X.509 certificate-trust implementation in Apple iOS before 9.1 does not recognize that the kSecRevocationRequirePositiveResponse flag implies a revocation-checking requirement, which makes it easier for man-in-the-middle attackers to spoof endpoints by leveraging access to a revoked certifica...
Design/Logic Flaw
The X.509 certificate-trust implementation in Apple iOS before 9.1 does not recognize that the kSecRevocationRequirePositiveResponse flag implies a revocation-checking requirement, which makes it easier for man-in-the-middle attackers to spoof endpoints by leveraging access to a revoked certifica...
CVE-2015-6997
The X.509 certificate-trust implementation in Apple iOS before 9.1 does not recognize that the kSecRevocationRequirePositiveResponse flag implies a revocation-checking requirement, which makes it easier for man-in-the-middle attackers to spoof endpoints by leveraging access to a revoked certifica...
CVE-2015-5894
The X.509 certificate-trust implementation in Apple OS X before 10.11 does not recognize that the kSecRevocationRequirePositiveResponse flag implies a revocation-checking requirement, which makes it easier for man-in-the-middle attackers to spoof endpoints by leveraging access to a revoked...
Design/Logic Flaw
The X.509 certificate-trust implementation in Apple OS X before 10.11 does not recognize that the kSecRevocationRequirePositiveResponse flag implies a revocation-checking requirement, which makes it easier for man-in-the-middle attackers to spoof endpoints by leveraging access to a revoked...
CVE-2015-5894
The X.509 certificate-trust implementation in Apple OS X before 10.11 does not recognize that the kSecRevocationRequirePositiveResponse flag implies a revocation-checking requirement, which makes it easier for man-in-the-middle attackers to spoof endpoints by leveraging access to a revoked...
Firefox 37 to Include New OneCRL Certificate Blocklist
The next version of Mozilla Firefox will include a new certificate revocation list that will speed up and streamline the process of revoking intermediate certificates trusted by the browser. The new feature, known as OneCRL, is meant as a replacement for the old OCSP online certificate status...
OpenSSL Heartbleed and the Value of CRLs
One of the consequences of the drama around the OpenSSL heartbleed vulnerability is that security experts have begun taking a hard look again at the certificate revocation process and whether it actually protects users or gives them any visibility into the validity of a given certificate. In a lo...
Opera < 12.10 Multiple Vulnerabilities