Mozilla Firefox Security Advisory (MFSA2014-73) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

Improper Verification of Cryptographic Signature in starkbank-ecdsa

The verify function in the Stark Bank Java ECDSA library ecdsa-java 1.0.0 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages...

CVE-2021-43571

The verify function in the Stark Bank Node.js ECDSA library ecdsa-node 1.1.2 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages...

CVE-2021-43571

The verify function in the Stark Bank Node.js ECDSA library ecdsa-node 1.1.2 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages...

PYSEC-2021-426

The verify function in the Stark Bank Python ECDSA library ecdsa-python 2.0.0 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages...

PYSEC-2021-426

The verify function in the Stark Bank Python ECDSA library ecdsa-python 2.0.0 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages...

Design/Logic Flaw

The verify function in the Stark Bank .NET ECDSA library ecdsa-dotnet 1.3.1 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages...

Design/Logic Flaw

The verify function in the Stark Bank Java ECDSA library ecdsa-java 1.0.0 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages...

CVE-2021-43570

The CVE-2021-43570 issue affects Stark Bank’s Java ECDSA library (ecdsa-java) 1.0.0. The verify() function fails to enforce a non‑zero signature, enabling forgery of signatures on arbitrary messages. This vulnerability has a high/critical impact (CVSS 3.1: 9.8) with network attack exposure and re...

CVE-2021-43572

The CVE-2021-43572 entry documents a vulnerability in the Stark Bank Python ECDSA library (starkbank-escada/ecdsa-python) where the verify function before version 2.0.1 fails to ensure signatures are non-zero, allowing an attacker to forge signatures on arbitrary messages. Affected software: Star...

CVE-2021-43569

The CVE-2021-43569 vulnerability affects Stark Bank’s .NET ECDSA library (ecdsa-dotnet) 1.3.1, where the verify function does not reject a zero/non-nonzero signature, enabling signature forgery on arbitrary messages and potential authentication bypass. Public details confirm the issue and point t...

CVE-2021-43569

The verify function in the Stark Bank .NET ECDSA library ecdsa-dotnet 1.3.1 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages...

Stark Bank 数据伪造问题漏洞

Stark Bank is a banking API for individual developers in Brazil that performs all banking operations through the API, simplifying and automating payments, facilitating reconciliations, and scaling operations. a data forgery issue vulnerability exists in Stark Bank python-ecdsa, which stems from t...

Stark Bank 数据伪造问题漏洞

Stark Bank is a banking API for individual developers in Brazil.Perform all banking operations through an API that simplifies and automates payments, facilitates reconciliations, and scales operations. Stark Bank ecdsa-dotnet suffers from a Data Forgery Issue vulnerability that stems from the...

Stark Bank 数据伪造问题漏洞

Stark Bank is a banking API for individual developers in Brazil. performs all banking operations through the API, simplifying and automating payments, facilitating reconciliations and scaling operations. A data forgery issue vulnerability exists in Stark Bank Ecdsa-java, which stems from a failur...

CVE-2021-37127

There is a signature management vulnerability in some huawei products. An attacker can forge signature and bypass the signature check. During firmware update process, successful exploit this vulnerability can cause the forged system file overwrite the correct system file. Affected product version...

Huawei Imanager NetEco 数据伪造问题漏洞

Huawei Imanager NetEco is a professional energy infrastructure management platform from Huawei of China. It is used to provide accurate operations and maintenance management. Huawei iManager NetEco has a security vulnerability that could be exploited by attackers to forge signatures, bypass...

UBUNTU-CVE-2021-25633

LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to...

SUSE: Security Advisory (SUSE-SU-2016:0107-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[ASA-202104-4] thunderbird: multiple issues

Arch Linux Security Advisory ASA-202104-4 ========================================= Severity: High Date : 2021-04-29 CVE-ID : CVE-2021-23961 CVE-2021-23994 CVE-2021-23995 CVE-2021-23998 CVE-2021-23999 CVE-2021-24002 CVE-2021-29946 CVE-2021-29948 Package : thunderbird Type : multiple issues Remote...