380 matches found
Security update for hplip
This update for hplip fixes the following issues Security issues: CVE-2025-43023: weak code signing DSA key used to generate package signatures can lead to key spoofing and malicious software installation bsc1266031. CVE-2026-8631: escalation of privileges and/or arbitrary code execution via an...
CVE-2026-47074
Improper Certificate Validation vulnerability in ex-aws exawssns ExAws.SNS, ExAws.SNS.PublicKeyCache modules allows Signature Spoofing by Improper Validation. This vulnerability is associated with program files lib/exaws/sns.ex, lib/exaws/sns/publickeycache.ex and program routines...
CVE-2026-47074
CVE-2026-47074 describes an improper certificate validation in the Elixir ExAws SNS integration. The function ExAws.SNS:verify_message/1 fetches the SigningCertURL from an incoming SNS message without enforcing HTTPS usage or AWS-owned domain binding, allowing an attacker to supply a self-chosen ...
CVE-2026-47074
Improper Certificate Validation vulnerability in ex-aws exawssns ExAws.SNS, ExAws.SNS.PublicKeyCache modules allows Signature Spoofing by Improper Validation. This vulnerability is associated with program files lib/exaws/sns.ex, lib/exaws/sns/publickeycache.ex and program routines...
CVE-2026-47074 ex_aws_sns SigningCertURL not validated in verify_message/1
Improper Certificate Validation vulnerability in ex-aws exawssns ExAws.SNS, ExAws.SNS.PublicKeyCache modules allows Signature Spoofing by Improper Validation. This vulnerability is associated with program files lib/exaws/sns.ex, lib/exaws/sns/publickeycache.ex and program routines...
EUVD-2026-32861
Improper Certificate Validation vulnerability in ex-aws exawssns ExAws.SNS, ExAws.SNS.PublicKeyCache modules allows Signature Spoofing by Improper Validation. This vulnerability is associated with program files lib/exaws/sns.ex, lib/exaws/sns/publickeycache.ex and program routines...
EEF-CVE-2026-47074 ex_aws_sns SigningCertURL not validated in verify_message/1
Summary Improper Certificate Validation vulnerability in ex-aws exawssns ExAws.SNS, ExAws.SNS.PublicKeyCache modules allows Signature Spoofing by Improper Validation. This vulnerability is associated with program files lib/exaws/sns.ex, lib/exaws/sns/publickeycache.ex and program routines...
PT-2026-44365
Improper Certificate Validation vulnerability in ex-aws ex aws sns ExAws.SNS, ExAws.SNS.PublicKeyCache modules allows Signature Spoofing by Improper Validation. This vulnerability is associated with program files lib/ex aws/sns.ex, lib/ex aws/sns/public key cache.ex and program routines...
Astra Linux - уязвимость в libreoffice
Improper verification of cryptographic signature vulnerabilities in LibreOffice allows PDF signatures to be spoofed due to improper validation. In the affected versions of LibreOffice, a flaw in the verification code for adbe.pkcs7.sha1 signatures may cause invalid signatures to be accepted as...
CVE-2026-29138
SEPPmail Secure Email Gateway before version 15.0.3 allows attackers with a specially crafted email address to claim another user's PGP signature as their own...
CVE-2026-27445
SEPPmail Secure Email Gateway before version 15.0.1 does not properly verify that a PGP signature was generated by the expected key, allowing signature spoofing...
CVE-2026-2748
SEPPmail Secure Email Gateway before version 15.0.1 improperly validates S/MIME certificates issued for email addresses containing whitespaces, allowing signature spoofing...
EUVD-2026-9381
SEPPmail Secure Email Gateway before version 15.0.1 does not properly verify that a PGP signature was generated by the expected key, allowing signature spoofing...
EUVD-2026-9385
SEPPmail Secure Email Gateway before version 15.0.1 improperly validates S/MIME certificates issued for email addresses containing whitespaces, allowing signature spoofing...
CVE-2026-2748
SEPPmail Secure Email Gateway before version 15.0.1 improperly validates S/MIME certificates issued for email addresses containing whitespaces, allowing signature spoofing...
CVE-2026-2748
SEPPmail Secure Email Gateway before version 15.0.1 improperly validates S/MIME certificates issued for email addresses containing whitespaces, allowing signature spoofing...
CVE-2026-27445
SEPPmail Secure Email Gateway before version 15.0.1 does not properly verify that a PGP signature was generated by the expected key, allowing signature spoofing...
CVE-2026-27445
SEPPmail Secure Email Gateway before version 15.0.1 does not properly verify that a PGP signature was generated by the expected key, allowing signature spoofing...
CVE-2026-2748
SEPPmail Secure Email Gateway before version 15.0.1 improperly validates S/MIME certificates issued for email addresses containing whitespaces, allowing signature spoofing...
CVE-2026-2748 S/MIME Certificate Subject Whitespace
SEPPmail Secure Email Gateway before version 15.0.1 improperly validates S/MIME certificates issued for email addresses containing whitespaces, allowing signature spoofing...