Lucene search
K

4 matches found

CVE
CVE
added 2026/04/10 3:24 a.m.14 views

CVE-2026-5188

CVE-2026-5188 describes an integer underflow in wolfSSL when parsing the SAN extension of X.509 certificates. A malformed certificate may specify an entry length larger than the enclosing sequence, causing the internal length counter to wrap during parsing. This vulnerability is limited to config...

8.1CVSS5.9AI score0.00135EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2020/09/19 12:21 p.m.2 views

OPENSUSE-SU-2020:1459-1 Security update for openldap2

This update for openldap2 fixes the following issues: - bsc1174154 - CVE-2020-15719 - This resolves an issue with x509 SAN's falling back to CN validation in violation of rfc6125. This update was imported from the SUSE:SLE-15:Update update project...

4.2CVSS4.4AI score0.02417EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/09/10 12:0 a.m.18 views

SUSE SLED15 / SLES15 Security Update : openldap2 (SUSE-SU-2020:2581-1)

This update for openldap2 fixes the following issues : bsc1174154 - CVE-2020-15719 - This resolves an issue with x509 SAN's falling back to CN validation in violation of rfc6125. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security...

4.2CVSS6.8AI score0.02417EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2013/11/20 4:38 p.m.2 views

php: hostname check bypassing vulnerability in SSL client

The opensslx509parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL...

4.3CVSS6.8AI score0.03588EPSS
Exploits0References4
Rows per page
Query Builder