Lucene search
K

9 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2021-1641

Malware in sbrugna...

7.4CVSS7.3AI score0.18339EPSS
Exploits1References43
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.5 views

Unity Linux 20.1070e Security Update: nodejs (UTSA-2025-680624)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-680624 advisory. The X509VFLAGX509STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL...

7.4CVSS7.7AI score0.18339EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2025/09/02 7:19 a.m.12 views

kernel: net/sched: ets: use old 'nbands' while purging unused classes

In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: use old 'nbands' while purging unused classes Shuang reported schets test-case 1 crashing in etsclassqlennotify after recent changes from Lion 2. The problem is: in etsqdiscchange we purge unused DWRR queues; the...

5.5CVSS6.7AI score0.0016EPSS
Exploits0References5
Huntr
Huntr
added 2021/11/21 1:18 p.m.18 views

Cross-Site Request Forgery (CSRF) in star7th/showdoc

Description You set the strict flag only for one of your cookies named cookietoken but in Team management attacker still can delete or add teams with CSRF vulnerability as the cookie with name PHPSESSID don't have strict flag. Proof of Concept 1.replace 38046 with the team id 2.open poc.html and...

4.3CVSS1.3AI score0.00505EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2021/04/14 6:2 p.m.5 views

openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT

A flaw was found in openssl. The flag that enables additional security checks of certificates present in a certificate chain was not enabled allowing a confirmation step to verify that certificates in the chain are valid CA certificates is bypassed. The highest threat from this vulnerability is t...

7.4CVSS7.1AI score0.18339EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2021/04/14 3:56 p.m.3 views

openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT

A flaw was found in openssl. The flag that enables additional security checks of certificates present in a certificate chain was not enabled allowing a confirmation step to verify that certificates in the chain are valid CA certificates is bypassed. The highest threat from this vulnerability is t...

7.4CVSS7.1AI score0.18339EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2021/04/14 2:34 p.m.3 views

openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT

A flaw was found in openssl. The flag that enables additional security checks of certificates present in a certificate chain was not enabled allowing a confirmation step to verify that certificates in the chain are valid CA certificates is bypassed. The highest threat from this vulnerability is t...

7.4CVSS7.1AI score0.18339EPSS
Exploits1References5
BDU FSTEC
BDU FSTEC
added 2021/04/06 12:0 a.m.4 views

The vulnerability of the X509_V_FLAG_X509_STRICT configuration implementation in the OpenSSL library allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the X509VFLAGX509STRICT configuration in the OpenSSL library is related to errors in the certificate validation process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

7.4CVSS7.3AI score0.18339EPSS
Exploits1References24Affected Software7
OSV
OSV
added 2021/04/05 3:54 p.m.11 views

MGASA-2021-0176 Updated openssl packages fix security vulnerability

An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signaturealgorithms extension where it was present in the initial ClientHello, but includes a signaturealgorithmscert extension then a NU...

7.4CVSS6.5AI score0.62906EPSS
Exploits4References3
Rows per page
Query Builder