Lucene search
K

37 matches found

OSV
OSV
added 2026/02/25 6:26 p.m.5 views

GHSA-C6RR-7PMC-73WC ENS DNSSEC Oracle Vulnerable to RSA Signature Forgery via Missing PKCS#1 v1.5 Padding Validation

Impact The RSASHA256Algorithm and RSASHA1Algorithm contracts fail to validate PKCS1 v1.5 padding structure when verifying RSA signatures. The contracts only check if the last 32 or 20 bytes of the decrypted signature match the expected hash. This enables Bleichenbacher's 2006 signature forgery...

6.9CVSS5.5AI score0.00177EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/02/25 12:0 a.m.8 views

PT-2026-21935

Name of the Vulnerable Software and Affected Versions Ethereum Name Service ENS versions 1.6.2 and prior Description The RSASHA256Algorithm and RSASHA1Algorithm contracts do not properly validate PKCS1 v1.5 padding when verifying RSA signatures. The contracts only verify the final 32 or 20 bytes ...

7.5CVSS5.9AI score0.00177EPSS
Exploits0References13
EUVD
EUVD
added 2025/11/24 5:5 p.m.3 views

EUVD-2025-198976

Malicious code in @ensdomains/op-resolver-contracts npm...

6.6AI score
Exploits0References1
EUVD
EUVD
added 2025/11/24 5:4 p.m.4 views

EUVD-2025-198977

Malicious code in @ensdomains/ens-test-env npm...

6.6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/24 5:4 p.m.8 views

Malicious code in @ensdomains/ens-test-env (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3393f85554fe6141b0f72e2f23d0940b102522348e71f60d407dc1471de8f6a9 The package @ensdomains/ens-test-env was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References4
OSV
OSV
added 2025/11/24 5:4 p.m.3 views

MAL-2025-190932 Malicious code in @ensdomains/ens-test-env (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3393f85554fe6141b0f72e2f23d0940b102522348e71f60d407dc1471de8f6a9 The package @ensdomains/ens-test-env was found to contain malicious code. Source: ghsa-malware...

6.8AI score
Exploits0References4
OSV
OSV
added 2025/11/24 5:4 p.m.3 views

MAL-2025-190930 Malicious code in @ensdomains/durin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a7dcacde55c5201c366d199c830f210e3b126c9d1569c7c9a169bf40f8a3e13f The package @ensdomains/durin was found to contain malicious code. Source: ghsa-malware...

6.8AI score
Exploits0References4
EUVD
EUVD
added 2025/11/24 5:2 p.m.4 views

EUVD-2025-198979

Malicious code in @ensdomains/ens-contracts npm...

6.6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/24 5:2 p.m.9 views

Malicious code in @ensdomains/ens-contracts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dee805b6610ec644c5edb2b73ca1d1da2119bb3280f182e716cfdd0aa31720fb The package @ensdomains/ens-contracts was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References4
Snyk
Snyk
added 2025/11/24 4:24 p.m.3 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

9.8CVSS6.8AI score
Exploits0References3
Snyk
Snyk
added 2025/11/24 4:24 p.m.3 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

9.8CVSS6.8AI score
Exploits0References3
Snyk
Snyk
added 2025/11/24 4:24 p.m.5 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

9.8CVSS6.8AI score
Exploits0References3
EUVD
EUVD
added 2025/11/24 3:5 p.m.2 views

EUVD-2025-198862

Malicious code in @ensdomains/web3modal npm...

6.6AI score
Exploits0References1
EUVD
EUVD
added 2025/11/24 2:53 p.m.5 views

EUVD-2025-198868

Malicious code in @ensdomains/react-ens-address npm...

6.6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/24 2:50 p.m.5 views

Malicious code in @ensdomains/subdomain-registrar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 401414959edb6c3fa49058cca521272f84ed2c1e5aef8d7cacadb50696789ba5 The package @ensdomains/subdomain-registrar was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References4
EUVD
EUVD
added 2025/11/24 2:42 p.m.5 views

EUVD-2025-198863

Malicious code in @ensdomains/unruggable-gateways npm...

6.6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/24 2:42 p.m.11 views

Malicious code in @ensdomains/renewal (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a66dd3b7f22e60f2047119e09a00f2034cd8c4d1844cad51f9a1c87515274c6 The package @ensdomains/renewal was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References4
OSV
OSV
added 2025/11/24 2:40 p.m.5 views

MAL-2025-190813 Malicious code in @ensdomains/ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0f2ffc29e2ac9022e773e0ae8851b73c212ac070cea68b77223bdc55603f84f2 The package @ensdomains/ui was found to contain malicious code. Source: ghsa-malware 018acaca9c7db73df58ee012cf2a19602efaebc29449275c4a3cd985fa35c443...

6.8AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/24 2:37 p.m.6 views

Malicious code in @ensdomains/mock (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa69028234e7d9845b0190a845d7ed004315332e53db9625716d3e8c34f9d555 The package @ensdomains/mock was found to contain malicious code. Source: ghsa-malware e5e3d7ebf0c01ec0fcf11c5473aa2d0ae19924590bc4f27ac7e988945272d5...

6.9AI score
Exploits0References4
EUVD
EUVD
added 2025/11/24 2:37 p.m.2 views

EUVD-2025-198871

Malicious code in @ensdomains/mock npm...

6.6AI score
Exploits0References1
Rows per page
Query Builder