20 matches found
SUSE CVE-2026-44310
Gitsign is a keyless Sigstore tool for signing Git commits with your GitHub / OIDC identity. From 0.4.0 to before 0.15.0, CertVerifier.Verify in pkg/git/verifier.go unconditionally dereferences certs[0] after sd.GetCertificates without checking the slice length. A CMS/PKCS7 signed message with...
Linux Distros Unpatched Vulnerability : CVE-2026-44310
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Gitsign is a keyless Sigstore tool for signing Git commits with your GitHub / OIDC identity. From 0.4.0 to before 0.15.0, CertVerifier.Verify in...
DEBIAN-CVE-2026-44310
Gitsign is a keyless Sigstore tool for signing Git commits with your GitHub / OIDC identity. From 0.4.0 to before 0.15.0, CertVerifier.Verify in pkg/git/verifier.go unconditionally dereferences certs[0] after sd.GetCertificates without checking the slice length. A CMS/PKCS7 signed message with...
CVE-2026-44310
Gitsign is a keyless Sigstore tool for signing Git commits with your GitHub / OIDC identity. From 0.4.0 to before 0.15.0, CertVerifier.Verify in pkg/git/verifier.go unconditionally dereferences certs[0] after sd.GetCertificates without checking the slice length. A CMS/PKCS7 signed message with...
CVE-2026-44310 vulnerabilities
Vulnerabilities for packages: cg...
CVE-2026-44310
| creationtimestamp | type | source |
|---|---|---|
| 2026-05-04 16:54:58+00:00 | published-proof-of-concept | https://github.com/sigstore/gitsign/security/advisories/GHSA-7c37-gx6w-8vc5... |
CVE-2023-44310
| creationtimestamp | type | source |
|---|---|---|
| 2023-10-17 14:32:52+00:00 | seen | https://t.me/cibsecurity/72411... |
CVE-2023-44310
Stored cross-site scripting (XSS) vulnerability in Page Tree menu Liferay Portal 7.3.6 through 7.4.3.78, and Liferay DXP 7.3 fix pack 1 through update 23, and 7.4 before update 79 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into page's "Name" text...
CVE-2023-44310
CVE-2023-44310 is a stored XSS vulnerability in the Page Tree menu affecting Liferay Portal 7.3.6–7.4.3.78 and Liferay DXP 7.3 (fix pack 1 through Update 23) and 7.4 (before Update 79). An attacker can inject arbitrary scripts via a crafted payload into a page’s Name field, enabling script exec...
CVE-2022-44310
| creationtimestamp | type | source |
|---|---|---|
| 2023-02-24 22:19:23+00:00 | seen | https://t.me/cibsecurity/58889... |
simple-ec (>=1.0.0 <=2.1.0), sudp (>=0.0.0 <=0.1.0) potentially affected by CVE-2022-44310 via ecdh (>=0.0.0 <=0.1.1)
ecdh NPM version =0.0.0, =1.0.0, =0.0.0, =0.1.0 Source cves: CVE-2022-44310 Source advisory: OSV:GHSA-P2HP-3WV3-4W74...
CVE-2022-44310
CVE-2022-44310 affects the ecdh.js Node.js native module by Development IL, prior to version 0.2.0. The vulnerability arises when an attacker supplies a public key point that is not on the curve, allowing them to derive the shared secret due to improper validation of the point. This can lead to e...
CVE-2022-44310
In Development IL ecdh before 0.2.0, an attacker can send an invalid point not on the curve as the public key, and obtain the derived shared secret...
CVE-2021-44310
| creationtimestamp | type | source |
|---|---|---|
| 2022-03-30 20:12:43+00:00 | seen | https://t.me/cibsecurity/39842... |
CVE-2021-44310
An issue was discovered in Firmware Analysis and Comparison Tool v3.2. With administrator privileges, the attacker could perform stored XSS attacks by inserting JavaScript and HTML code in user creation functionality...
CVE-2021-44310
Summary: CVE-2021-44310 affects Firmware Analysis and Comparison Tool (FACT) v3.2. With administrator privileges, an attacker can perform stored XSS by injecting JavaScript/HTML through the user creation functionality. The vulnerability arises from insufficient data validation/filtering of user-s...