Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
certificate system vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2021-43882
Microsoft Defender for IoT Remote Code Execution Vulnerability
Microsoft Defender For Iot
10
CVSSv2
CVE-2004-0040
Stack-based buffer overflow in Check Point VPN-1 Server 4.1 up to and including 4.1 SP6 and Check Point SecuRemote/SecureClient 4.1 up to and including 4.1 build 4200 allows remote malicious users to execute arbitrary code via an ISAKMP packet with a large Certificate Request pac...
Checkpoint Firewall-1 4.1
Checkpoint Vpn-1 Next Generation Fp0
Checkpoint Vpn-1 Next Generation Fp1
Checkpoint Firewall-1 Next Generation Fp1
Checkpoint Vpn-1 4.1
Checkpoint Firewall-1 Next Generation Fp0
5
CVSSv2
CVE-2014-3403
The Autonomic Networking Infrastructure (ANI) component in Cisco IOS XE does not properly validate certificates, which allows remote malicious users to spoof devices via crafted messages, aka Bug ID CSCuq22647.
Cisco Ios Xe -
6.2
CVSSv2
CVE-2014-0741
The certificate-import feature in the Certificate Authority Proxy Function (CAPF) CLI implementation in Cisco Unified Communications Manager (Unified CM) 10.0(1) and previous versions allows local users to read or modify arbitrary files via a crafted command, aka Bug ID CSCum9546...
Cisco Unified Communications Manager 4.2.1
Cisco Unified Communications Manager 4.2.2
Cisco Unified Communications Manager 4.2.3
Cisco Unified Communications Manager 4.2.3sr1
Cisco Unified Communications Manager 3.3\\(5\\)
Cisco Unified Communications Manager 3.3\\(5\\)sr1
Cisco Unified Communications Manager 3.3\\(5\\)sr2a
Cisco Unified Communications Manager 4.1\\(3\\)
Cisco Unified Communications Manager
Cisco Unified Communications Manager 4.1\\(3\\)sr1
Cisco Unified Communications Manager 4.1\\(3\\)sr3
Cisco Unified Communications Manager 4.2
Cisco Unified Communications Manager 4.2.3sr2
Cisco Unified Communications Manager 4.3
Cisco Unified Communications Manager 10.0
Cisco Unified Communications Manager 4.1\\(3\\)sr2
Cisco Unified Communications Manager 4.1\\(3\\)sr4
Cisco Unified Communications Manager 4.2.3sr2b
4.3
CVSSv2
CVE-2014-3404
The Autonomic Networking Infrastructure (ANI) component in Cisco IOS XE does not properly validate certificates, which allows remote malicious users to trigger acceptance of an invalid message via crafted messages, aka Bug ID CSCuq22677.
Cisco Ios Xe -
6.8
CVSSv2
CVE-2019-1590
A vulnerability in the Transport Layer Security (TLS) certificate validation functionality of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, remote malicious user to perform insecure TLS client authentication ...
Cisco Nx-os 14.1\\(0.90\\)
Cisco Nx-os 8.3\\(0\\)sk\\(0.39\\)
9.3
CVSSv2
CVE-2020-8289
Backblaze for Windows prior to 7.0.1.433 and Backblaze for macOS prior to 7.0.1.434 suffer from improper certificate validation in `bztransmit` helper due to hardcoded whitelist of strings in URLs where validation is disabled leading to possible remote code execution via client u...
Backblaze Backblaze
2 Github repositories
4.3
CVSSv2
CVE-2021-22890
curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to MITM a connection due to bad handling of TLS 1.3 session tickets. When using a HTTPS proxy and TLS 1.3, libcurl can confuse session tickets arriving from the HTTPS proxy but work as ...
Haxx Libcurl
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Hci Storage Node -
Broadcom Fabric Operating System -
Debian Debian Linux 9.0
Siemens Sinec Infrastructure Network Services
Oracle Communications Billing And Revenue Management 12.0.0.3.0
Oracle Essbase 21.2
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
5
CVSSv2
CVE-2018-5502
On F5 BIG-IP versions 13.0.0 - 13.1.0.3, attackers may be able to disrupt services on the BIG-IP system with maliciously crafted client certificate. This vulnerability affects virtual servers associated with Client SSL profile which enables the use of client certificate authentic...
F5 Big-ip Local Traffic Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Edge Gateway
F5 Big-ip Link Controller
F5 Big-ip Webaccelerator
F5 Big-ip Analytics
F5 Big-ip Access Policy Manager
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Websafe 1.0.0
F5 Big-ip Application Acceleration Manager
F5 Big-ip Global Traffic Manager
F5 Big-ip Policy Enforcement Manager
6.8
CVSSv2
CVE-2015-8960
The TLS protocol 1.2 and previous versions supports the rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh, and ecdsa_fixed_ecdh values for ClientCertificateType but does not directly document the ability to compute the master secret in certain situations with a client secret key and ser...
Ietf Transport Layer Security
Netapp Snap Creator Framework -
Netapp Data Ontap Edge -
Netapp Snapdrive -
Netapp Snapmanager -
Netapp Smi-s Provider -
Netapp Host Agent -
Netapp Clustered Data Ontap Antivirus Connector -
Netapp Solidfire \\& Hci Management Node -
Netapp Snapprotect -
Netapp Oncommand Shift -
Netapp Plug-in For Symantec Netbackup -
Netapp System Setup -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »