Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
certificate system vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-22339
Improper access control vulnerability in CONPROSYS HMI System (CHS) Ver.3.4.5 and previous versions allows a remote unauthenticated malicious user to bypass access restriction and obtain the server certificate including the private key of the product.
Contec Conprosys Hmi System
3.5
CVSSv3
CVE-2021-1354
A vulnerability in the certificate registration process of Cisco Unified Computing System (UCS) Central Software could allow an authenticated, adjacent malicious user to register a rogue Cisco Unified Computing System Manager (UCSM). This vulnerability is due to improper certific...
Cisco Unified Computing System Central Software
8.1
CVSSv3
CVE-2018-16091
In System Management Module (SMM) versions before 1.06, the SMM certificate creation and parsing logic is vulnerable to several buffer overflows.
Lenovo System Management Module Firmware
7.5
CVSSv3
CVE-2018-16090
In System Management Module (SMM) versions before 1.06, the SMM certificate creation and parsing logic is vulnerable to post-authentication command injection.
Lenovo System Management Module Firmware
NA
CVE-2012-4117
The fabric-interconnect component in Cisco Unified Computing System (UCS) does not properly verify X.509 certificates, which allows man-in-the-middle malicious users to watch SSL KVM video-channel traffic or modify this traffic via a crafted certificate, aka Bug ID CSCtr73033.
Cisco Unified Computing System -
NA
CVE-2004-0826
Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote malicious users to execute arbitrary code via a modified record length field in an SSLv2 client hello message.
Netscape Enterprise Server 3.5
Sun One Web Server 4.1
Mozilla Network Security Services 3.6.1
Mozilla Network Security Services 3.2
Netscape Enterprise Server 4.0
Sun One Web Server 6.0
Sun One Application Server 6.0
Sun Java System Application Server 7.0
Sun One Web Server 6.1
Netscape Directory Server 4.1
Mozilla Network Security Services 3.7.7
Mozilla Network Security Services 3.7.5
Mozilla Network Security Services 3.7.1
Netscape Enterprise Server 4.1.1
Netscape Enterprise Server 3.6
Netscape Enterprise Server 4.1
Netscape Directory Server 1.3
Mozilla Network Security Services 3.6
Netscape Directory Server 3.1
Netscape Enterprise Server 2.0a
Mozilla Network Security Services 3.2.1
Netscape Certificate Server 1.0
6.1
CVSSv3
CVE-2020-29239
Online Birth Certificate System Project V 1.0 is affected by cross-site scripting (XSS). This vulnerability can result in an attacker injecting the XSS payload in the User Registration section. When an admin visits the View Detail of Application section from the admin panel, the ...
Janobe Online Voting System 1.0
NA
CVE-2007-1526
Sun Java System Web Server 6.1 prior to 20070314 allows remote authenticated users with revoked client certificates to bypass the Certificate Revocation List (CRL) authorization control and access secure web server instances running under an account different from that used for t...
Sun Java System Web Server 6.1
NA
CVE-2012-4072
The KVM subsystem in Cisco Unified Computing System (UCS) relies on a hardcoded X.509 certificate, which allows man-in-the-middle malicious users to spoof SSL servers, and read keyboard and mouse events, by leveraging knowledge of this certificate's private key, aka Bug ID C...
Cisco Unified Computing System -
7.5
CVSSv3
CVE-2016-6411
Cisco Firepower Management Center and FireSIGHT System Software 6.0.1 mishandle comparisons between URLs and X.509 certificates, which allows remote malicious users to bypass intended do-not-decrypt settings via a crafted URL, aka Bug ID CSCva50585.
Cisco Firesight System Software 6.0.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »