Xmlseclibs 安全漏洞

Xmlseclibs is a library written in PHP that handles XML encryption and signing. A security vulnerability exists in Xmlseclibs version 3.1.3, which stems from a flaw in the libxml2 normalization process that could lead to authentication bypass...

CVE-2025-59339 The Bastion ttyrec files are not signed after encryption by the osh-encrypt-rsync script

The Bastion provides authentication, authorization, traceability and auditability for SSH accesses. Session-recording ttyrec files, may be handled by the provided osh-encrypt-rsync script that is a helper to rotate, encrypt, sign, copy, and optionally move them to a remote storage periodically, i...

PT-2023-33039 · Jose4J · Jose4J

Name of the Vulnerable Software and Affected Versions: jose4j affected versions not specified Description: The issue in jose4j allows for chosen ciphertext attacks, enabling the decryption of RSA1 5 or RSA OAEP encrypted ciphertexts. This could potentially allow an attacker to sign with affected...

CVE-2021-33577

An issue was discovered in Cleo LexiCom 5.5.0.0. The requirement for the sender of an AS2 message to identify themselves via encryption and signing of the message can be bypassed by changing the Content-Type of the message to text/plain...

BSA-2017-439

Security Advisory ID : BSA-2017-439 Component : Samba Revision : 2.0: Interim A flaw was found in the way samba client used encryption with the max protocol set as SMB3. The connection could lose the requirement for signing and encrypting to any DFS redirects, allowing an attacker to read or alte...