certificate validation

A subtle bug in GnuTLS’s certificate-chain handling can be forced into crashing the library when presented with a specially crafted chain that uses distributed trust — a denial-of-service flaw tracked as CVE-2024-0567 that affected upstream releases before a patch was shipped and has since been...

Mbed TLS contained a certificate‑validation bug that could let certain malformed certificates be accepted as valid — a subtle but consequential lapse in the X.509 verification logic that affected multiple branches of the library and required coordinated package updates and rebuilds across the...

Mbed TLS contained a subtle but consequential X.509 verification bug — tracked as CVE-2020-36477 — that allowed the library to compare the expected hostname (the cn argument passed to mbedtls_x509_crt_verify) against any entry in the certificate’s subjectAltName (SAN) extension without checking...

Siemens’ Advanced Licensing (SALT) Toolkit contains a high‑severity certificate‑validation flaw that can be exploited remotely to perform man‑in‑the‑middle (MitM) attacks against licensing/authorization traffic — the issue is tracked as CVE‑2025‑40801, has a CVSS v4 base score of 9.2, and stems...

Microsoft’s public advisory for CVE‑2025‑58187 names Azure Linux as a product that “includes this open‑source library and is therefore potentially affected,” but that statement is a product‑level attestation — not a categorical guarantee that no other Microsoft product can include the same...

Siemens has confirmed a high‑severity certificate‑validation flaw in Solid Edge SE2025 that can be exploited remotely to perform man‑in‑the‑middle attacks against the software’s License Service connection; Siemens assigned the bug CVE‑2025‑40744 and has released a fixed build (V225.0 Update 11)...

Widespread vulnerabilities affecting Yealink IP Phones and their Redirect and Provisioning Service (RPS) have put thousands of business communications endpoints at risk of exploitation, forcing urgent updates and raising critical questions about supply chain security in enterprise telephony...

A critical security vulnerability has emerged in the popular Dreamehome and MOVAhome mobile applications, sending ripples through the smart device ecosystem and raising urgent questions about the security of connected home technologies. Classified under CVE-2025-8393, this flaw—rooted in...

Hitachi Energy’s MicroSCADA X SYS600, a pivotal software platform in power automation and control systems, has become the focus of critical cybersecurity scrutiny following the public disclosure of multiple vulnerabilities impacting a wide swath of its global deployment. This article closely...

Microsoft’s June 2025 Patch Tuesday has brought much-needed relief to enterprise IT administrators, resolving a cluster of severe Windows Server 2025 bugs that had upended Active Directory authentication and network stability for months. This comprehensive update, delivered via KB5060842, not...

The latest evolution of Windows support for Application Control for Business introduces a significant and controversial overhaul: a new Certificate Authority (CA) handling logic designed to bolster software trust and compliance in modern enterprise environments. Users and administrators who rely...

Microsoft’s history with Windows updates has often been punctuated by instances where critical security patches—introduced to defend against real-world threats—have triggered unexpected issues in enterprise environments. The April 2025 Patch Tuesday release is one such event, and its fallout has...

Over the past several years, Windows Hello for Business (WHfB) has emerged as a cornerstone of Microsoft’s modern authentication approach, prioritizing both convenience and layered security. However, recent developments have drawn fresh scrutiny to the ecosystem’s dependence on complex trust...

The escalating interplay between operational technology and the digital world has made critical infrastructure—not to mention the everyday technology underpinning it—a battleground for cyberthreats. Few advisories capture this more vividly than the latest disclosure by the Cybersecurity and...

The recent CSAF advisory from Sungrow has cast a stark light on a series of critical vulnerabilities affecting its iSolarCloud Android App and WiNet Firmware. The report details multiple security flaws—from improper certificate validation and weak cryptography to authorization bypasses and...

On February 20, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) released an advisory detailing a certificate validation vulnerability in the Medixant RadiAnt DICOM Viewer. This vulnerability, tracked as CVE-2025-1001, poses a potential risk where attackers might exploit the...

In an environment where cybersecurity is a top priority, particularly for those dealing with critical sectors such as healthcare and public health, a new alert from CISA has shed light on a vulnerability affecting the MicroDicom DICOM Viewer. This advisory, relevant for users worldwide, outlines...

Hello, i have a home lab where im running AD domain controller and AD DNS server. The issue im trying to solve is with the txt records that acme creates in my cloudflare dns zone and the AD DNS server not being able to resolve those queries so cert manager can validate my certificates. What is...

I'm going to post this in efforts to help prevent individuals from getting a possible Virus. I've known this for a while now, and the fact is, Digital Signatures may not all be legit. Therefore, not all are to be trusted. It is possible to modify a file and append junk data to EOF of a file...