Improper Verification of Cryptographic Signature

Overview Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to the verifybyte expected function in JcaContentVerifierProviderBuilder. An attacker can forge a protected CMP/PKI message by supplying an empty composite signature sequence that...

Cisco IOS and IOS XE Software Cluster Management Protocol Denial of Service Vulnerability

A vulnerability in the implementation of the cluster feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to trigger a denial of service DoS condition on an affected device. The vulnerability is due to improper input validation when handling...