Lucene search
K

148 matches found

OSV
OSV
added 2024/01/22 5:45 p.m.8 views

CLSA-2024-1705945513 Update of ca-certificates

update to CKBI 2.64 from NSS 3.95 - updated: - Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068" - removed old certificates: - Certificate "E-Tugra Certification Authority" - Certificate "Hongkong Post Root CA 1" - Certificate "Symantec Class 1 Public Primary Certification...

5.8AI score
Exploits0References1
OSV
OSV
added 2023/11/10 11:6 a.m.5 views

OESA-2023-1810 qt security update

Qt pronounced as "cute", not "cu-tee" is a cross-platform framework that is usually used as a graphical toolkit, although it is also very helpful in creating CLI applications. It runs on the three major desktop OSes, as well as on mobile OSes, such as Symbian, Nokia Belle, Meego Harmattan, MeeGo ...

5.3CVSS6.9AI score0.00732EPSS
Exploits0References2
NVD
NVD
added 2023/08/14 9:15 p.m.30 views

CVE-2023-21265

In multiple locations, there are root CA certificates which need to be disabled. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

7.5CVSS7.3AI score0.00278EPSS
Exploits0References2
Prion
Prion
added 2023/08/14 9:15 p.m.31 views

Information disclosure

In multiple locations, there are root CA certificates which need to be disabled. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

5CVSS7.2AI score0.00278EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/08/14 8:59 p.m.27 views

CVE-2023-21265

In multiple locations, there are root CA certificates which need to be disabled. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

7.5AI score0.00278EPSS
Exploits0References2
CVE
CVE
added 2023/08/14 8:59 p.m.416 views

CVE-2023-21265

CVE-2023-21265 affects Android’s trust management by listing multiple root CA certificates that must be disabled. The underlying issue enables remote information disclosure without additional execution privileges and requires no user interaction. Public documents describe the affected area as the...

7.5CVSS7.2AI score0.00278EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/08/14 8:59 p.m.19 views

CVE-2023-21265

In multiple locations, there are root CA certificates which need to be disabled. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

6.7AI score0.00278EPSS
Exploits0References2
OSV
OSV
added 2023/08/03 5:5 p.m.4 views

CLSA-2023-1691082298 Update of alt-php

Update ca-certificates database to 20230629: - mozilla/certdata.txt,nssckbi.h: Update Mozilla certificate authority bundle to version 2.62. - The following certificate authorities were added +: + "BJCA Global Root CA1" + "BJCA Global Root CA2"...

5.8AI score
Exploits0References1
OSV
OSV
added 2023/08/03 2:43 p.m.4 views

CLSA-2023-1691073784 Update of ca-certificates

update to CKBI 2.62 from NSS 3.91 - added new certificates: - Certificate "BJCA Global Root CA1" - Certificate "BJCA Global Root CA2"...

5.8AI score
Exploits0References1
OSV
OSV
added 2023/08/01 12:0 a.m.29 views

ASB-A-262521447

In multiple locations, there are root CA certificates which need to be disabled. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

7.5CVSS7.2AI score0.00278EPSS
Exploits0References2
OSV
OSV
added 2023/08/01 12:0 a.m.27 views

ASB-A-277824547

In isServerCertChainValid of InsecureEapNetworkHandler.java, there is a possible way to trust an imposter server due to a logic error in the code. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

9.8CVSS9.3AI score0.00439EPSS
Exploits0References2
OSV
OSV
added 2023/02/21 12:8 p.m.8 views

CLSA-2023-1676981312 Update of ca-certificates

update to CKBI 2.60 from NSS 3.86 - removed old certificates: - Certificate "EC-ACC" - Certificate "GlobalSign ECC Root CA - R4" - Certificate "GTS Root R1" - Certificate "GTS Root R2" - Certificate "GTS Root R3" - Certificate "GTS Root R4" - Certificate "Hellenic Academic and Research...

5.8AI score
Exploits0References1
OSV
OSV
added 2023/02/16 6:13 p.m.11 views

CLSA-2023-1676571183 Update of nss

Update to CKBI 2.60 from NSS 3.86 - Added: - Certificate "Autoridad de Certificacion Firmaprofesional CIF A62634068" - Certificate "Certainly Root E1" - Certificate "Certainly Root R1" - Certificate "DigiCert SMIME ECC P384 Root G5" - Certificate "DigiCert SMIME RSA4096 Root G5" - Certificate...

5.8AI score
Exploits0References1
OSV
OSV
added 2023/01/06 2:36 p.m.2 views

SUSE-SU-2023:0037-1 Security update for ca-certificates-mozilla

This update for ca-certificates-mozilla fixes the following issues: - Updated to 2.60 state of Mozilla SSL root CAs bsc1206622 Removed CAs: - Global Chambersign Root - EC-ACC - Network Solutions Certificate Authority - Staat der Nederlanden EV Root CA - SwissSign Platinum CA - G2 Added CAs: -...

7.4AI score
Exploits0References3
OpenVAS
OpenVAS
added 2022/07/25 12:0 a.m.17 views

SUSE: Security Advisory (SUSE-SU-2022:2536-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.9AI score0.17563EPSS
Exploits0References15
OSV
OSV
added 2022/05/24 4:46 p.m.19 views

GHSA-VFXC-R2GX-V2VQ Hybrid Group Gobot Improper Certificate Validation vulnerability

An issue was discovered in Hybrid Group Gobot before 1.13.0. The mqtt subsystem skips verification of root CA certificates by default. Specific Go Packages Affected github.com/hybridgroup/gobot/platforms/mqtt...

7.5CVSS7.4AI score0.0071EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2022/05/24 4:46 p.m.24 views

Hybrid Group Gobot Improper Certificate Validation vulnerability

An issue was discovered in Hybrid Group Gobot before 1.13.0. The mqtt subsystem skips verification of root CA certificates by default. Specific Go Packages Affected github.com/hybridgroup/gobot/platforms/mqtt...

7.5CVSS7.3AI score0.0071EPSS
Exploits0References6Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/11/15 12:0 a.m.17 views

WordPress 5.3.x < 5.3.10 Expired DST Root CA X3 Certificate

According to its self-reported version number, the detected WordPress application is affected by an expired certificate. The wordpress/wp-includes/certificates/ca-bundle.crt file still contains the DST Root CA X3 expired certificate. Note that the scanner has not tested for these issues but has...

7.3AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/11/15 12:0 a.m.11 views

WordPress 5.6.x < 5.6.6 Expired DST Root CA X3 Certificate

According to its self-reported version number, the detected WordPress application is affected by an expired certificate. The wordpress/wp-includes/certificates/ca-bundle.crt file still contains the DST Root CA X3 expired certificate. Note that the scanner has not tested for these issues but has...

7.3AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/11/15 12:0 a.m.90 views

WordPress 5.7.x < 5.7.4 Expired DST Root CA X3 Certificate

According to its self-reported version number, the detected WordPress application is affected by an expired certificate. The wordpress/wp-includes/certificates/ca-bundle.crt file still contains the DST Root CA X3 expired certificate. Note that the scanner has not tested for these issues but has...

7.3AI score
Exploits0References2
Rows per page
Query Builder