CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2025/08/30 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2019-10180

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in all pki-core 10.x.x version, where the Token Processing Service TPS did not properly sanitize several parameters stored for the...

4.8CVSS5.1AI score0.0067EPSS

Exploits0References3

Tenable Nessus•added 2025/08/27 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2019-10178

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was found that the Token Processing Service TPS did not properly sanitize the Token IDs from the Activity page, enabling a Stored Cross Site Scripting XSS...

6.1CVSS5.4AI score0.0024EPSS

Exploits0References3

Tenable Nessus•added 2025/08/26 12:0 a.m.•1 views

Linux Distros Unpatched Vulnerability : CVE-2020-1696

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the all pki-core 10.x.x versions, where Token Processing Service TPS where it did not properly sanitize Profile IDs, enabling a Stored...

5.4CVSS5.1AI score0.0036EPSS

Exploits0References3

OpenVAS•added 2024/03/08 12:0 a.m.•30 views

Fedora: Security Advisory for dogtag-pki (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9.2AI score0.46427EPSS

Exploits3References2

Fedora•added 2024/03/07 10:33 p.m.•29 views

[SECURITY] Fedora 40 Update: dogtag-pki-11.5.0-3.fc40

Dogtag PKI is an enterprise software system designed to manage enterprise Public Key Infrastructure deployments. Dogtag PKI consists of the following components: Certificate Authority CA Key Recovery Authority KRA Online Certificate Status Protocol OCSP Manager Token Key Service TKS Token...

8.8CVSS6.8AI score0.46427EPSS

Exploits3

OpenVAS•added 2021/06/20 12:0 a.m.•18 views

Fedora: Security Advisory for dogtag-pki (FEDORA-2021-99ca984f32)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.8CVSS7.7AI score0.00018EPSS

Exploits0References2

OpenVAS•added 2021/06/20 12:0 a.m.•19 views

Fedora: Security Advisory for pki-core (FEDORA-2021-54a73a7112)

7.8CVSS7.7AI score0.00018EPSS

Exploits0References2

OpenVAS•added 2021/06/20 12:0 a.m.•16 views

Fedora: Security Advisory for dogtag-pki (FEDORA-2021-54a73a7112)

7.8CVSS7.7AI score0.00018EPSS

Exploits0References2

Fedora•added 2021/06/18 1:10 a.m.•28 views

[SECURITY] Fedora 33 Update: pki-core-10.10.6-1.fc33

Dogtag PKI is an enterprise software system designed to manage enterprise Public Key Infrastructure deployments. PKI consists of the following components: Automatic Certificate Management Environment ACME Responder Certificate Authority CA Key Recovery Authority KRA Online Certificate Status...

Fedora•added 2021/06/18 1:10 a.m.•38 views

[SECURITY] Fedora 33 Update: dogtag-pki-10.10.6-1.fc33

Fedora•added 2021/06/18 1:8 a.m.•27 views

[SECURITY] Fedora 34 Update: pki-core-10.10.6-1.fc34

Fedora•added 2021/06/18 1:8 a.m.•32 views

[SECURITY] Fedora 34 Update: dogtag-pki-10.10.6-1.fc34

RedHat Linux•added 2021/03/23 2:41 p.m.•1 views

pki-core: Stored XSS in TPS profile creation

A flaw was found in the pki-core's Token Processing Service TPS where it did not properly sanitize Profile IDs, enabling a Stored Cross-Site Scripting XSS vulnerability when the profile ID is printed. An attacker with sufficient permissions could trick an authenticated victim into executing a...

5.4CVSS5.7AI score0.0036EPSS

RedHat Linux•added 2021/03/23 2:41 p.m.•1 views

pki-core: unsanitized token parameters in TPS resulting in stored XSS

It was found that the Token Processing Service TPS did not properly sanitize several parameters stored for the tokens, possibly resulting in a Stored Cross Site Scripting XSS vulnerability. An attacker able to modify the parameters of any token could use this flaw to trick an authenticated user...

4.8CVSS5.8AI score0.0067EPSS

Veracode•added 2021/03/23 10:25 a.m.•23 views

Cross-Site Scripting (XSS)

pki-core is vulnerable to cross-site scripting. The vulnerability exists due to the pki-core's Token Processing Service TPS not properly sanitizing Profile IDs...

5.4CVSS1.7AI score0.0036EPSS

Exploits0References6Affected Software1

Veracode•added 2021/03/23 10:25 a.m.•25 views

Cross Site Scripting (XSS)

pki-core is cross-site scripting XSS. The vulnerability exists because the Token Processing Service TPS did not properly sanitize several parameters stored for the tokens, possibly resulting in a Stored Cross Site Scripting XSS vulnerability. An attacker able to modify the parameters of any token...

4.8CVSS3AI score0.0067EPSS

Exploits0References6Affected Software1

RedHat Linux•added 2021/03/22 8:10 a.m.•2 views

pki-core: unsanitized token parameters in TPS resulting in stored XSS

4.8CVSS5.8AI score0.0067EPSS

RedHat Linux•added 2021/03/22 8:10 a.m.•1 views

pki-core: Stored XSS in TPS profile creation

5.4CVSS5.7AI score0.0036EPSS