11 matches found
CVE-2026-2748
SEPPmail Secure Email Gateway before version 15.0.1 improperly validates S/MIME certificates issued for email addresses containing whitespaces, allowing signature spoofing...
CVE-2026-2748
SEPPmail Secure Email Gateway before version 15.0.1 improperly validates S/MIME certificates issued for email addresses containing whitespaces, allowing signature spoofing...
CVE-2026-2748 S/MIME Certificate Subject Whitespace
SEPPmail Secure Email Gateway before version 15.0.1 improperly validates S/MIME certificates issued for email addresses containing whitespaces, allowing signature spoofing...
CLSA-2023-1687269849 openssl: Fix of CVE-2023-2650
CVE-2023-2650: Restrict the size of OBJECT IDENTIFIERs that OBJobj2txt will translate - Update expired smime/SM2 certificates that affect tests...
CLSA-2023-1687269261 openssl: Fix of CVE-2023-2650
CVE-2023-2650: Restrict the size of OBJECT IDENTIFIERs that OBJobj2txt will translate - Update expired smime/SM2 certificates that affect tests...
CLSA-2023-1687268961 openssl: Fix of CVE-2023-2650
CVE-2023-2650: Restrict the size of OBJECT IDENTIFIERs that OBJobj2txt will translate - Update expired smime/SM2 certificates that affect tests...
Thunderbird: Revocation status of S/Mime recipient certificates was not checked
The Mozilla Foundation Security Advisory describes this flaw as: OCSP revocation status of recipient certificates was not checked when sending S/Mime encrypted email, and revoked certificates would be accepted. Thunderbird versions from 68 to 102.9.1 were affected by this bug...
Thunderbird: Revocation status of S/Mime recipient certificates was not checked
The Mozilla Foundation Security Advisory describes this flaw as: OCSP revocation status of recipient certificates was not checked when sending S/Mime encrypted email, and revoked certificates would be accepted. Thunderbird versions from 68 to 102.9.1 were affected by this bug...
Mozilla: Revocation status of S/Mime signature certificates was not checked
The Mozilla Foundation Security Advisory describes this flaw as: Certificate OCSP revocation status was not checked when verifying S/Mime signatures. Mail signed with a revoked certificate would be displayed as having a valid signature. Thunderbird versions from 68 to 102.7.0 were affected by thi...
CVE-2020-12618
eM Client before 7.2.33412.0 automatically imported S/MIME certificates and thereby silently replaced existing ones. This allowed a man-in-the-middle attacker to obtain an email-validated S/MIME certificate from a trusted CA and replace the public key of the entity to be impersonated. This enable...
CVE-2013-3870
Double free vulnerability in Microsoft Outlook 2007 SP3 and 2010 SP1 and SP2 allows remote attackers to execute arbitrary code by including many nested S/MIME certificates in an e-mail message, aka "Message Certificate Vulnerability."...