4 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-31510
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in Open Quantum Safe liboqs v.10.0 allows a remote attacker to escalate privileges via the cryptosignsignature parameter in the...
CVE-2022-41666
The CVE-2022-41666 issue stems from improper verification of cryptographic signatures (CWE-347), allowing a local-privilege attacker to load a malicious DLL in EcoStruxure Operator Terminal Expert and Pro-face BLUE. Affected versions: EcoStruxure Operator Terminal Expert 3.3 Hotfix 1 and earlier;...
GHSA-CFM4-QJH2-4765 Improper Verification of Cryptographic Signature in node-forge
Impact RSA PKCS1 v1.5 signature verification code is lenient in checking the digest algorithm structure. This can allow a crafted structure that steals padding bytes and uses unchecked portion of the PKCS1 encoded message to forge a signature when a low public exponent is being used. Patches The...
CVE-2021-21239
PySAML2 is a pure python implementation of SAML Version 2 Standard. PySAML2 before 6.5.0 has an improper verification of cryptographic signature vulnerability. Users of pysaml2 that use the default CryptoBackendXmlSec1 backend and need to verify signed SAML documents are impacted. PySAML2 does no...