CVE-2025-12889

With TLS 1.2 connections a client can use any digest, specifically a weaker digest that is supported, rather than those in the CertificateRequest...

wolfSSL 安全漏洞

wolfSSL CyaSSL is a small, portable embedded SSL programming library for use by embedded systems developers from wolfSSL, Inc. in the United States. A security vulnerability exists in wolfSSL that stems from the fact that any weaker digest algorithm can be used by the client when connecting using...

CVE-2025-12889 TLS 1.2 Client Can Downgrade Digest Used

With TLS 1.2 connections a client can use any digest, specifically a weaker digest that is supported, rather than those in the CertificateRequest...

CVE-2025-12889

With TLS 1.2 connections a client can use any digest, specifically a weaker digest that is supported, rather than those in the CertificateRequest...

CVE-2025-12889

With TLS 1.2 connections a client can use any digest, specifically a weaker digest that is supported, rather than those in the CertificateRequest...

RHEL 6 : httpd (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - firefox: Possible integer overflow to fix inside XMLParse in Expat CVE-2016-9063 - httpd: Weak Digest aut...

Scientific Linux Security Update : httpd on SL7.x x86_64 (20190729)

Security Fixes : - httpd: Weak Digest auth nonce generation in modauthdigest CVE-2018-1312 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid127725; scriptversion"1.4"; scriptsetattributeattribute:"pluginmodificationdate",...

RHEL 7 : httpd (RHSA-2019:1898)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:1898 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Weak Digest auth nonce...

Oracle Linux 7 : httpd (ELSA-2019-1898)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-1898 advisory. 2.4.6-89.0.1 - replace index.html with Oracle's index page oracleindex.html 2.4.6-89.1 - Resolves: 1719722 - CVE-2018-1312 httpd: Weak Digest auth nonce...

Low: Red Hat Security Advisory: httpd security update

An update for httpd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

Apache 2.4.x < 2.4.33 Multiple Vulnerabilities

According to its banner, the version of Apache running on the remote host is 2.4.x prior to 2.4.33. It is, therefore, affected by multiple vulnerabilities: - An out of bounds write vulnerability exists in modauthnzldap with AuthLDAPCharsetConfig enabled. An unauthenticated, remote attacker can...

Medium: httpd24

Issue Overview: Use-after-free on HTTP/2 stream shutdown When an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server prior to version 2.4.30 could have written a NULL pointer potentially to an already freed memory. The memory pools maintained by the server make this...

New Relic: APT repository is signed using weak digest (SHA-1)

When installing New Relic on a new Ubuntu 16.04 xenial machine to test out the beta, I noticed this warning: W: gpgv:/var/lib/apt/lists/apt.newrelic.comdebiandistsnewrelicRelease.gpg: The repository is insufficiently signed by key B60A3EC9BC013B9C23790EC8B31B29E5548C16BF weak digest This...

Geo++ GNCASTER multiple security vulnerabilities

Weak Digest authentication, buffer overflow, DoS...

PT-2005-3792 · Openssl +1 · Openssl +2

Name of the Vulnerable Software and Affected Versions: OpenSSL versions prior to 0.9.8 Description: The issue is related to the default configuration of OpenSSL, which uses MD5 for creating message digests. This makes it easier for remote attackers to forge certificates with a valid certificate...