Lucene search
K

902 matches found

CVE
CVE
added yesterday14 views

CVE-2026-13743

CVE-2026-13743 affects CubeSpace CW0057 Reaction Wheel firmware versions prior to 5.0.20. The issue is an improper verification of cryptographic signatures that allows an attacker with physical access to upload arbitrary malicious firmware without authentication. Per the sources, impact includes ...

5.2CVSS5.9AI score
Exploits0References1
EUVD
EUVD
added yesterday5 views

EUVD-2026-41419

CubeSpace CW0057 Reaction Wheel firmware versions prior to 5.0.20 are vulnerable to an Improper Verification of Cryptographic Signature vulnerability. This could allow an attacker with physical access to the product to upload arbitrary malicious firmware to the device without authentication...

5.2CVSS5.9AI score
Exploits0References1
NVD
NVD
added 2 days ago5 views

CVE-2026-13602

We found a chain of combining multiple weaknesses in the product that could allow an attacker to become any user in the backend and access any data: The payment integration plugins Stripe included in the core system, pretix-mollie, pretix-oppwa, pretix-bitpay, pretix-payone, pretix-secuconnect,...

9.4CVSS0.00239EPSS
Exploits0References1
CVE
CVE
added 2 days ago10 views

CVE-2026-13602

The CVE-2026-13602 issue describes a session‑takeover chain affecting multiple payment integration plugins (Stripe, pretix-mollie, pretix-oppwa, pretix-bitpay, pretix-payone, pretix-secuconnect, pretix-sofort, pretix-saferpay) and core features. A code path transports session parameters via URL b...

9.4CVSS6AI score0.00239EPSS
Exploits0References1
Redos
Redos
added 2026/06/08 12:0 a.m.9 views

ROS-20260608-73-0003

The vulnerability of the ASP.NET Core software platform is related to errors in checking the cryptographic signature. Exploiting this vulnerability can allow an attacker, operating remotely, to increase their privileges...

9.1CVSS5.5AI score0.11205EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/05 7:31 p.m.9 views

CVE-2026-33467

Improper Verification of Cryptographic Signature CWE-347 in Elastic Package Registry could allow an attacker positioned to intercept network traffic, or to otherwise influence the contents served to a self-hosted registry, to substitute a tampered package without the integrity check failing close...

5.9CVSS5.4AI score0.00124EPSS
Exploits0References1
Snyk
Snyk
added 2026/06/03 4:24 p.m.12 views

Improper Verification of Cryptographic Signature

Overview Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature in the getsignedcookie function. An attacker can access data intended for a different context by crafting distinct name, salt pairs that result in the same concatenated value. Remediation...

4.8CVSS5.5AI score0.00245EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/29 8:13 p.m.13 views

CVE-2025-67903

Northern.tech Mender Client 5 before 5.0.4 allows a Cryptographic signature verification bypass...

5.3CVSS5.8AI score0.00183EPSS
Exploits0References1
NVD
NVD
added 2026/05/27 6:16 p.m.9 views

CVE-2025-67903

Northern.tech Mender Client 5 before 5.0.4 allows a Cryptographic signature verification bypass...

5.3CVSS0.00183EPSS
Exploits0References2
CVE
CVE
added 2026/05/27 12:0 a.m.17 views

CVE-2025-67903

CVE-2025-67903 affects Northern.tech Mender Client 5 prior to 5.0.4. The vulnerability is a cryptographic signature verification bypass. The provided documents do not include details on the root cause, vulnerable components beyond the client, or a confirmed remediation/patch version. No exploitat...

5.3CVSS5.8AI score0.00183EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.13 views

PT-2026-44046

Northern.tech Mender Client 5 before 5.0.4 allows a Cryptographic signature verification bypass...

5.8AI score0.00183EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/27 12:0 a.m.10 views

CVE-2025-67903

Northern.tech Mender Client 5 before 5.0.4 allows a Cryptographic signature verification bypass...

5.8AI score0.00183EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/26 9:1 p.m.10 views

CVE-2026-45575 epa4all-client: Improper Verification of Cryptographic Signature

epa4all-client is the Java Client for epa4all / ePA 3.0 in the Telematik Infrastruktur. Prior to 1.2.2, an attacker who can MITM the TLS connection between the client and the IDP within the TI network can substitute a forged discovery document. The forged document redirects uripukidpenc and...

7.4CVSS5.8AI score0.00118EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/25 1:23 p.m.11 views

EUVD-2026-31679

Szafir SDK returns a success status code from the cryptographic digital signature verification process i.e. /VerifyingTaskItem/Signature/VerificationResult/Result/@code == 0, "Positively verified" even when the trust status of the signer's certificate could not be established i.e...

9.3CVSS5.9AI score0.00307EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/15 6:30 p.m.3 views

Improper Verification of Cryptographic Signature

Overview Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature in the discovery document retrieval process via uripukidpenc and uripukidpsig properties. An attacker can intercept and modify the TLS connection to substitute a forged discovery document...

9.1CVSS5.4AI score0.00118EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/15 5:29 p.m.7 views

Improper Verification of Cryptographic Signature

Overview Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature in the verify process. An attacker can cause trust confusion by submitting a commit object with duplicate tree headers, resulting in different interpretations between git-core and go-git,...

6CVSS5.8AI score0.00119EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/15 5:29 p.m.6 views

Improper Verification of Cryptographic Signature

Overview Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature in the verify process. An attacker can cause trust confusion by submitting a commit object with duplicate tree headers, resulting in different interpretations between git-core and go-git,...

6CVSS5.8AI score0.00119EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/15 2:58 a.m.9 views

CVE-2024-36334

Improper verification of cryptographic signature in the Radeon RGB tool could allow a malicious file placed in the installation directory to be run with elevated privileges potentially leading to arbitrary code execution...

7CVSS6.1AI score0.00082EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/15 2:58 a.m.22 views

EUVD-2024-55588

Improper verification of cryptographic signature in the Radeon RGB tool could allow a malicious file placed in the installation directory to be run with elevated privileges potentially leading to arbitrary code execution...

7CVSS6.1AI score0.00082EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/15 2:58 a.m.52 views

CVE-2024-36334

Improper verification of cryptographic signature in the Radeon RGB tool could allow a malicious file placed in the installation directory to be run with elevated privileges potentially leading to arbitrary code execution...

7CVSS0.00082EPSS
Exploits0References1
Rows per page
Query Builder