Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
certificate system vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2000-0517
Netscape 4.73 and previous versions does not properly warn users about a potentially invalid certificate if the user has previously accepted the certificate for a different web site, which could allow remote malicious users to spoof a legitimate web site by compromising that site...
Netscape Communicator 4.61
Netscape Communicator 4.0
Netscape Communicator 4.5
Netscape Communicator 4.7
Netscape Communicator 4.72
Netscape Communicator 4.73
Netscape Communicator 4.51
Netscape Communicator 4.6
7.1
CVSSv2
CVE-2013-5508
The SQL*Net inspection engine in Cisco Adaptive Security Appliance (ASA) Software 7.x prior to 7.2(5.12), 8.x prior to 8.2(5.44), 8.3.x prior to 8.3(2.39), 8.4.x prior to 8.4(6), 8.5.x prior to 8.5(1.18), 8.6.x prior to 8.6(1.12), 8.7.x prior to 8.7(1.6), 9.0.x prior to 9.0(2.10)...
Cisco Adaptive Security Appliance Software 7.0\\(5\\)
Cisco Adaptive Security Appliance Software 7.0\\(4\\)
Cisco Adaptive Security Appliance Software 7.0\\(6\\)
Cisco Adaptive Security Appliance Software 7.0\\(6.7\\)
Cisco Adaptive Security Appliance Software 7.0\\(8\\)
Cisco Adaptive Security Appliance Software 7.0.4.3
Cisco Adaptive Security Appliance Software 7.0.4
Cisco Adaptive Security Appliance Software 7.0\\(1\\)
Cisco Adaptive Security Appliance Software 7.0
Cisco Adaptive Security Appliance Software 7.0.1
Cisco Adaptive Security Appliance Software 7.0.7
Cisco Adaptive Security Appliance Software 7.0.2
Cisco Adaptive Security Appliance Software 7.0.1.4
Cisco Adaptive Security Appliance Software 7.0.6
Cisco Adaptive Security Appliance Software 7.0\\(7\\)
Cisco Adaptive Security Appliance Software 7.0\\(0\\)
Cisco Adaptive Security Appliance Software 7.0\\(5.2\\)
Cisco Adaptive Security Appliance Software 7.0\\(2\\)
Cisco Adaptive Security Appliance Software 7.0.5
Cisco Adaptive Security Appliance Software 7.0.8
Cisco Adaptive Security Appliance Software 7.2\\(2.48\\)
Cisco Adaptive Security Appliance Software 7.1
7.5
CVSSv2
CVE-2009-2702
KDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle malicious users to spoof arbitrary SSL servers via a crafted certificate is...
Kde Kdelibs 4.3
Kde Kdelibs 3.5.4
Kde Kdelibs 4.2.4
4
CVSSv2
CVE-2019-10320
Jenkins Credentials Plugin 2.1.18 and previous versions allowed users with permission to create or update credentials to confirm the existence of files on the Jenkins master with an attacker-specified path, and obtain the certificate content of files containing a PKCS#12 certific...
Jenkins Credentials
NA
CVE-2022-2414
Access to external entities when parsing XML documents can lead to XML external entity (XXE) attacks. This flaw allows a remote malicious user to potentially retrieve the content of arbitrary files by sending specially crafted HTTP requests.
Dogtagpki Dogtagpki 10.5.18
Dogtagpki Dogtagpki 10.7.4
Dogtagpki Dogtagpki 10.8.3
Dogtagpki Dogtagpki 10.11.2
Dogtagpki Dogtagpki 10.12.4
Dogtagpki Dogtagpki 11.0.5
Dogtagpki Dogtagpki 11.1.0
4 Github repositories
5.1
CVSSv2
CVE-2012-1177
libgdata prior to 0.10.2 and 0.11.x prior to 0.11.1 does not validate SSL certificates, which allows remote malicious users to obtain user names and passwords via a man-in-the-middle (MITM) attack with a spoofed certificate.
Gnome Libgdata
5
CVSSv2
CVE-2021-22876
curl 7.1.1 to and including 7.75.0 is vulnerable to an "Exposure of Private Personal Information to an Unauthorized Actor" by leaking credentials in the HTTP Referer: header. libcurl does not strip off user credentials from the URL when automatically populating the Refe...
Haxx Libcurl
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Hci Storage Node -
Netapp Hci Compute Node -
Broadcom Fabric Operating System -
Debian Debian Linux 9.0
Siemens Sinec Infrastructure Network Services
Oracle Communications Billing And Revenue Management 12.0.0.3.0
Oracle Essbase 21.2
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
7.5
CVSSv2
CVE-2019-6675
BIG-IP configurations using Active Directory, LDAP, or Client Certificate LDAP for management authentication with multiple servers are exposed to a vulnerability which allows an authentication bypass. This can result in a complete compromise of the system. This issue only impacts...
F5 Big-ip Link Controller
F5 Big-ip Link Controller 14.1.0.3.0.79.6-eng Hotfix
F5 Big-ip Link Controller 14.1.0.3.0.97.6-eng Hotfix
F5 Big-ip Link Controller 14.1.0.3.0.99.6-eng Hotfix
F5 Big-ip Link Controller 14.1.0.5.0.15.5-eng Hotfix
F5 Big-ip Link Controller 14.1.0.5.0.36.5-eng Hotfix
F5 Big-ip Link Controller 14.1.0.5.0.40.5-eng Hotfix
F5 Big-ip Link Controller 14.1.0.6.0.11.9-eng Hotfix
F5 Big-ip Link Controller 14.1.0.6.0.14.9-eng Hotfix
F5 Big-ip Link Controller 14.1.0.6.0.68.9-eng Hotfix
F5 Big-ip Link Controller 14.1.0.6.0.70.9-eng Hotfix
F5 Big-ip Link Controller 14.1.2.0.11.37-eng Hotfix
F5 Big-ip Link Controller 14.1.2.0.18.37-eng Hotfix
F5 Big-ip Link Controller 14.1.2.0.32.37-eng Hotfix
F5 Big-ip Link Controller 14.1.2.1.0.46.4-eng Hotfix
F5 Big-ip Link Controller 14.1.2.1.0.14.4-eng Hotfix
F5 Big-ip Link Controller 14.1.2.1.0.16.4-eng Hotfix
F5 Big-ip Link Controller 14.1.2.1.0.34.4-eng Hotfix
F5 Big-ip Link Controller 14.1.2.1.0.97.4-eng Hotfix
F5 Big-ip Link Controller 14.1.2.1.0.99.4-eng Hotfix
F5 Big-ip Link Controller 14.1.2.1.0.105.4-eng Hotfix
F5 Big-ip Link Controller 14.1.2.1.0.111.4-eng Hotfix
6.8
CVSSv2
CVE-2009-2408
Mozilla Network Security Services (NSS) prior to 3.12.3, Firefox prior to 3.0.13, Thunderbird prior to 2.0.0.23, and SeaMonkey prior to 1.1.18 do not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, ...
Mozilla Network Security Services
Mozilla Firefox
Mozilla Seamonkey
Mozilla Thunderbird
Suse Linux Enterprise Server 9
Suse Linux Enterprise 11.0
Suse Linux Enterprise 10.0
Opensuse Opensuse
Debian Debian Linux 5.0
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
7.8
CVSSv2
CVE-2009-2868
Unspecified vulnerability in Cisco IOS 12.2 up to and including 12.4, when certificate-based authentication is enabled for IKE, allows remote malicious users to cause a denial of service (Phase 1 SA exhaustion) via crafted requests, aka Bug IDs CSCsy07555 and CSCee72997.
Cisco Ios 12.2ex
Cisco Ios 12.2se
Cisco Ios 12.2sra
Cisco Ios 12.2xnc
Cisco Ios 12.2xnd
Cisco Ios 12.3yd
Cisco Ios 12.3yf
Cisco Ios 12.3yu
Cisco Ios 12.3yx
Cisco Ios 12.2sca
Cisco Ios 12.2scb
Cisco Ios 12.2xna
Cisco Ios 12.2xnb
Cisco Ios 12.3xx
Cisco Ios 12.3ya
Cisco Ios 12.3ys
Cisco Ios 12.3yt
Cisco Ios 12.4xd
Cisco Ios 12.2irc
Cisco Ios 12.2sb
Cisco Ios 12.2srd
Cisco Ios 12.2sxh
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »