Lucene search
K

86 matches found

RedhatCVE
RedhatCVE
added 2026/06/30 7:49 a.m.33 views

CVE-2026-53434

A flaw was found in Apache Tomcat. When configuring Certificate Revocation Lists CRLs for a FFM presumably a specific type of connector, the system fails to detect and act upon an error condition. This oversight could lead to unexpected behavior or a security bypass, as the intended security...

9.1CVSS5.7AI score0.00368EPSS
Exploits0References4
NVD
NVD
added 2026/06/29 9:16 p.m.11 views

CVE-2026-53434

Detection of Error Condition Without Action vulnerability in Apache Tomcat when configuring CRLs for a FFM based connector. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M7 through 10.1.55, from 9.0.83 through 9.0.118. Users are recommended to upgrade to version...

9.1CVSS0.00368EPSS
Exploits0References2
OSV
OSV
added 2026/06/29 9:16 p.m.6 views

DEBIAN-CVE-2026-53434

Detection of Error Condition Without Action vulnerability in Apache Tomcat when configuring CRLs for a FFM based connector. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M7 through 10.1.55, from 9.0.83 through 9.0.118. Users are recommended to upgrade to version...

9.1CVSS5.7AI score0.00368EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/29 8:41 p.m.5 views

CVE-2026-53434

Detection of Error Condition Without Action vulnerability in Apache Tomcat when configuring CRLs for a FFM based connector. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M7 through 10.1.55, from 9.0.83 through 9.0.118. Users are recommended to upgrade to version...

5.7AI score0.00368EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.11 views

PT-2026-53742

Name of the Vulnerable Software and Affected Versions Apache Tomcat versions 11.0.0-M1 through 11.0.22 Apache Tomcat versions 10.1.0-M7 through 10.1.55 Apache Tomcat versions 9.0.83 through 9.0.118 Description An issue exists in the FFM-based TLS connector when certificate revocation lists CRLs a...

9.1CVSS5.7AI score0.00368EPSS
Exploits0References21
NVD
NVD
added 2026/06/09 9:16 a.m.10 views

CVE-2026-6899

Check for certificate revocation only considers the first matching CRL and ignores other valid CRLs of the same CA in the CycloneCrypto cryptographic wrapper of S2OPC library. It might allow connection between an OPC UA client and server using a revoked certificate...

5.6CVSS0.00108EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/09 8:39 a.m.44 views

CVE-2026-6899 Improper Check for Certificate Revocation in S2OPC

Check for certificate revocation only considers the first matching CRL and ignores other valid CRLs of the same CA in the CycloneCrypto cryptographic wrapper of S2OPC library. It might allow connection between an OPC UA client and server using a revoked certificate...

5.6CVSS0.00108EPSS
Exploits0References1
OSV
OSV
added 2026/04/22 12:0 p.m.6 views

RUSTSEC-2026-0104 Reachable panic in certificate revocation list parsing

A panic was reachable when parsing certificate revocation lists via BorrowedCertRevocationList::fromder or OwnedCertRevocationList::fromder. This was the result of mishandling a syntactically valid empty BIT STRING appearing in the onlySomeReasons element of a IssuingDistributionPoint CRL...

5.8AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.7 views

PT-2026-34530

A panic was reachable when parsing certificate revocation lists via BorrowedCertRevocationList::from der or OwnedCertRevocationList::from der. This was the result of mishandling a syntactically valid empty BIT STRING appearing in the onlySomeReasons element of a IssuingDistributionPoint CRL...

5.8AI score
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/03/26 3:3 p.m.5 views

CVE-2026-3548

Two buffer overflow vulnerabilities existed in the wolfSSL CRL parser when parsing CRL numbers: a heap-based buffer overflow could occur when improperly storing the CRL number as a hexadecimal string, and a stack-based overflow for sufficiently sized CRL numbers. With appropriately crafted CRLs,...

9.2CVSS6.1AI score0.00471EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2026/03/20 8:35 p.m.10 views

CRL Distribution Point Scope Check Logic Error in AWS-LC

Summary AWS-LC is an open-source, general-purpose cryptographic library. Impact A logic error in CRL distribution point matching in AWS-LC allows a revoked certificate to bypass revocation checks during certificate validation, when the application enables CRL checking and uses partitioned CRLs wi...

5.9AI score
Exploits0References5Affected Software2
OSV
OSV
added 2026/03/20 8:35 p.m.5 views

GHSA-9F94-5G5W-GF6R CRL Distribution Point Scope Check Logic Error in AWS-LC

Summary AWS-LC is an open-source, general-purpose cryptographic library. Impact A logic error in CRL distribution point matching in AWS-LC allows a revoked certificate to bypass revocation checks during certificate validation, when the application enables CRL checking and uses partitioned CRLs wi...

7.4CVSS5.9AI score0.00252EPSS
Exploits0References5
CVE
CVE
added 2026/03/19 8:37 p.m.17 views

CVE-2026-4428

The CVE relates to AWS-LC CRL distribution point validation logic before 1.71.0. A logic error caused partitioned CRLs to be incorrectly rejected as out of scope, enabling a revoked certificate to bypass revocation checks. Affected software is AWS-LC prior to 1.71.0; the issue is fixed in AWS-LC ...

9.1CVSS5.7AI score0.00252EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/19 5:45 p.m.22 views

CVE-2026-3548 Buffer overflow in CRL number parsing in wolfSSL

Two buffer overflow vulnerabilities existed in the wolfSSL CRL parser when parsing CRL numbers: a heap-based buffer overflow could occur when improperly storing the CRL number as a hexadecimal string, and a stack-based overflow for sufficiently sized CRL numbers. With appropriately crafted CRLs,...

9.2CVSS0.00471EPSS
Exploits1References2
Packet Storm News
Packet Storm News
added 2026/03/16 12:0 a.m.3 views

Botan C++ Crypto Algorithms Library 3.11.0

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS 10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to...

5.8AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2008-4659

Malware in sbrugna...

6.8CVSS6.4AI score0.01559EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2007-5766

Malware in sbrugna...

4.3CVSS6.4AI score0.02346EPSS
Exploits0References6
Packet Storm News
Packet Storm News
added 2025/02/05 12:0 a.m.7 views

Botan C++ Crypto Algorithms Library 3.7.1

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS 10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to...

6.9AI score
Exploits0
Positive Technologies
Positive Technologies
added 2023/06/27 12:0 a.m.6 views

PT-2023-22011 · Apereo · Apereo Cas

Name of the Vulnerable Software and Affected Versions: Apereo CAS versions prior to 6.6.6 Description: The issue concerns Apereo CAS, an open source single sign-on solution. It can be configured to use authentication based on client X509 certificates, which can be provided via TLS handshake or a...

7.5CVSS7.2AI score0.00503EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2023/02/15 6:8 a.m.4 views

SUSE CVE-2008-2420

The OCSP functionality in stunnel before 4.24 does not properly search certificate revocation lists CRL, which allows remote attackers to bypass intended access restrictions by using revoked certificates...

6.8CVSS7AI score0.01364EPSS
Exploits0References3
Rows per page
Query Builder