28 matches found
CVE-2026-4761
When a certificate and its private key are installed in the Windows machine certificate store using Network and Security tool, access rights to the private key are unnecessarily granted to the operator group. Installations based on Panorama Suite 2025 25.00.004 are vulnerable unless update...
EUVD-2026-15404
When a certificate and its private key are installed in the Windows machine certificate store using Network and Security tool, access rights to the private key are unnecessarily granted to the operator group. Installations based on Panorama Suite 2025 25.00.004 are vulnerable unless...
CVE-2026-4761
When a certificate and its private key are installed in the Windows machine certificate store using Network and Security tool, access rights to the private key are unnecessarily granted to the operator group. Installations based on Panorama Suite 2025 25.00.004 are vulnerable unless update...
CVE-2026-4761 Unnecessary permissions on private keys of certificates installed by Network and Security Wizard
When a certificate and its private key are installed in the Windows machine certificate store using Network and Security tool, access rights to the private key are unnecessarily granted to the operator group. Installations based on Panorama Suite 2025 25.00.004 are vulnerable unless update...
CVE-2026-4761
When a certificate and its private key are installed in the Windows machine certificate store using Network and Security tool, access rights to the private key are unnecessarily granted to the operator group. Installations based on Panorama Suite 2025 25.00.004 are vulnerable unless update...
CVE-2026-4761
The CVE-2026-4761 issue affects Windows machines where a certificate and its private key are installed in the certificate store via the Network and Security tool. The underlying problem is that access rights to the private key are unnecessarily granted to the operator group. Affected installation...
EUVD-2026-4963
The Icinga PowerShell Framework provides configuration and check possibilities to ensure integration and monitoring of Windows environments. In versions prior to 1.13.4, 1.12.4, and 1.11.2, permissions of the Icinga for Windows certificate directory grant every user read access, which results in...
EUVD-2019-9945
Malware in sbrugna...
EUVD-2025-19096
Malicious code in bioql PyPI...
CVE-2025-55229 Windows Certificate Spoofing Vulnerability
...
CVE-2025-41255
Cyberduck and Mountain Duck improperly handle TLS certificate pinning for untrusted certificates e.g., self-signed, unnecessarily installing it to the Windows Certificate Store of the current user without any restrictions. This issue affects Cyberduck through 9.1.6 and Mountain Duck through 4.17....
CVE-2025-41255
Cyberduck and Mountain Duck improperly handle TLS certificate pinning for untrusted certificates e.g., self-signed, unnecessarily installing it to the Windows Certificate Store of the current user without any restrictions. This issue affects Cyberduck through 9.1.6 and Mountain Duck through 4.17....
CVE-2025-41255
Cyberduck and Mountain Duck improperly handle TLS certificate pinning for untrusted certificates e.g., self-signed, unnecessarily installing it to the Windows Certificate Store of the current user without any restrictions. This issue affects Cyberduck through 9.1.6 and Mountain Duck through 4.17....
CVE-2025-41255 Cyberduck and Mountain Duck - Improper Certificate Store Handling
Cyberduck and Mountain Duck improperly handle TLS certificate pinning for untrusted certificates e.g., self-signed, unnecessarily installing it to the Windows Certificate Store of the current user without any restrictions. This issue affects Cyberduck through 9.1.6 and Mountain Duck through 4.17....
CVE-2024-20662
Windows Online Certificate Status Protocol OCSP Information Disclosure Vulnerability...
Citrix DaaS: Single sign-on (SSO) not working after enabling FAS
In the DaaS environment, Single sign-onSSO did not work after enabling FAS, and users were prompted to enter credentials. FAS was enabled with Azure AD as IDP in a single-domain environment. Event ID 105, 120 and 121 logged on the FASServer,indicated that the Certificate wasissued by the Windows...
VulnCheck KEV: CVE-2019-1388
Microsoft Windows Certificate Dialog contains a privilege escalation vulnerability, allowing attackers to run processes in an elevated context...
The vulnerability of the Windows Certificate component in Windows operating systems allows attackers to carry out spoofing attacks.
The vulnerability of the Windows Certificate component in Windows operating systems is related to errors in the certificate validation process. Exploiting this vulnerability can allow attackers to carry out spoofing attacks...
PT-2022-1525 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to errors in the Windows Certificate authentication procedure, allowing an attacker to conduct spoofing attacks. It is associated with data substitution, enabling...
ManageEngine ADSelfService Plus 6000 Remote Code Execution
Exploit Title: ManageEngine ADSelfService Plus 6000 – Unauthenticated Remote Code Execution Date: 2020-08-08 Exploit Author: Bhadresh Patel Vendor link: https://www.manageengine.com/company.html Version: ADSelfService Plus build 6003 CVE : CVE-2020-11552 This is an article with PoC exploit video ...