Lucene search
K

11 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:44 p.m.10 views

CVE-2026-0069

In verifySignature of ApkChecksums.java, there is a possible way to cause a crash due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5CVSS5.6AI score0.00071EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/01 9:14 p.m.10 views

CVE-2026-0069

In verifySignature of ApkChecksums.java, there is a possible way to cause a crash due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5CVSS5.9AI score0.00071EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/01 9:14 p.m.34 views

CVE-2026-0069

In verifySignature of ApkChecksums.java, there is a possible way to cause a crash due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

0.00071EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/01 9:14 p.m.10 views

CVE-2026-0069

In verifySignature of ApkChecksums.java, there is a possible way to cause a crash due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

5.9AI score0.00071EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.10 views

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There is a security vulnerability in Google Android, which stems from a resource exhaustion issue in the verifySignature function found in ApkChecksums.java. This vulnerability may lead to local denial of...

5.5CVSS5.2AI score0.00071EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/15 4:22 p.m.39 views

CVE-2026-44309 gitsign verify accepts signatures over go-git-normalized bytes, enabling trust confusion on malformed commits

Gitsign is a keyless Sigstore to signing tool for Git commits with your a GitHub / OIDC identity. Prior to 0.16.0, gitsign verify and gitsign verify-tag re-encode commit/tag objects through go-git's EncodeWithoutSignature before checking the signature, instead of verifying against the raw git...

5.3CVSS0.00119EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/04/01 9:11 p.m.9 views

openssl-encrypt's unverified key bundle from_dict() + to_identity() path allows encryption to attacker keys

Summary The PublicKeyBundle.fromdict method in opensslencrypt/modules/keybundle.py at lines 329-361 creates bundles from untrusted data without verifying the signature. The docstring warns to call verifysignature after creation, but the toidentity method line 363-391 can convert an unverified...

5.9AI score
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2023/12/04 12:0 a.m.11 views

PT-2023-27263 · Bluetooth · Bluetooth

Name of the Vulnerable Software and Affected Versions: Bluetooth software affected versions not specified Description: The issue is related to a possible way to bypass signature validation due to side channel information disclosure in the BTM BleVerifySignature function of btm ble.cc. This could...

6.5CVSS6.6AI score0.00542EPSS
Exploits0References6
Citrix
Citrix
added 2020/05/29 12:0 a.m.17 views

Symantec Endpoint Protection 14.2.5569 installation failure error, " symcorpuires.dll could not be found."

Facing issues while installing Symantec Endpoint Protection client 14.x while installing on App Layer.When trying to install 14.2.5569 version of SEP , it’s getting crashed. and post a reboot of the packaging machine, unable to search in icons or search box . Getting an error that says...

7AI score
Exploits0
OSV
OSV
added 2019/04/25 5:29 p.m.3 views

CVE-2018-19442

A Buffer Overflow in Network::AuthenticationClient::VerifySignature in /bin/astro in Neato Botvac Connected 2.2.0 allows a remote attacker to execute arbitrary code with root privileges via a crafted POST request to a vendors/neato/robots/robotserial/messages Neato cloud URI on the...

9.8CVSS6AI score0.07535EPSS
Exploits1References2
Citrix
Citrix
added 2017/05/11 12:0 a.m.17 views

Citrix Cloud Connector Installation does not complete: Unable to validate certificate chain

Citrix Cloud Connector does not complete its initial installation or is unable to upgrade to the latest Cloud Connector version. The installation is blocked because it’s not able to validate the code signing certificate of the Citrix Cloud Components downloaded, which may be due to the certificat...

7.1AI score
Exploits0
Rows per page
Query Builder