EUVD-2026-3674

sm-crypto provides JavaScript implementations of the Chinese cryptographic algorithms SM2, SM3, and SM4. A signature forgery vulnerability exists in the SM2 signature verification logic of sm-crypto prior to version 0.4.0. Under default configurations, an attacker can forge valid signatures for...

MiracleLinux 7 : xmlsec1-1.2.20-7.el7 (AXSA:2017-1915:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-1915:01 advisory. XML Security Library is a C library based on LibXML2 and OpenSSL. The library was created with a goal to support major XML security standards XML Digital...

CVE-2017-18641

In LXC 2.0, many template scripts download code over cleartext HTTP, and omit a digital-signature check, before running it to bootstrap containers...

CVE-2025-14505

The ECDSA implementation of the Elliptic package generates incorrect signatures if an interim value of 'k' as computed based on step 3.2 of RFC 6979 https://datatracker.ietf.org/doc/html/rfc6979 has leading zeros and is susceptible to cryptanalysis, which can lead to secret key exposure. This...

CVE-2019-12758

Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to an unsigned code execution vulnerability, which may allow an individual to execute code without a resident proper digital signature...

SUSE CVE-2025-68183

In the Linux kernel, the following vulnerability has been resolved: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr Currently when both IMA and EVM are in fix mode, the IMA signature will be reset to IMA hash if a program first stores IMA signature in security.ima and then...

CVE-2025-68183

In the Linux kernel, the following vulnerability has been resolved: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr Currently when both IMA and EVM are in fix mode, the IMA signature will be reset to IMA hash if a program first stores IMA signature in security.ima and then...

UBUNTU-CVE-2025-68183

In the Linux kernel, the following vulnerability has been resolved: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr Currently when both IMA and EVM are in fix mode, the IMA signature will be reset to IMA hash if a program first stores IMA signature in security.ima and then...

CVE-2025-68183 ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr

In the Linux kernel, the following vulnerability has been resolved: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr Currently when both IMA and EVM are in fix mode, the IMA signature will be reset to IMA hash if a program first stores IMA signature in security.ima and then...

CVE-2025-59803

Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via triggers. An attacker can embed triggers e.g., JavaScript in a PDF document that execute during the signing process. When a signer reviews the document, the content appears normal. However, once the signature is applied, the...

CVE-2025-59802

Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via OCG. When Optional Content Groups OCG are supported, the state property of an OCG is runtime-only and not included in the digital signature computation buffer. An attacker can leverage JavaScript or PDF triggers to dynamical...

PT-2025-50623

Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via OCG. When Optional Content Groups OCG are supported, the state property of an OCG is runtime-only and not included in the digital signature computation buffer. An attacker can leverage JavaScript or PDF triggers to dynamical...

Foxit PDF Reader和Foxit PDF Editor 安全漏洞

Foxit PDF Reader and Foxit PDF Editor are both products of Foxit Corporation of China.Foxit PDF Reader is a PDF reader.Foxit PDF Editor is a PDF editor. A security vulnerability exists in Foxit PDF Reader and Foxit PDF Editor versions prior to 2025.2.1, which stems from an OCG state attribute not...

CVE-2025-55311

Foxit PDF Editor CVE-2025-55311 affects Foxit PDF and Editor on Windows/macOS before 13.2 and 2025 before 2025.2. A crafted PDF can use JavaScript to alter annotation content and clear the file’s modification status, bypassing digital signature verification and undermining trust in signed PDFs. R...

Linux Distros Unpatched Vulnerability : CVE-2025-58188

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Validating certificate chains which contain DSA public keys can cause programs to panic, due to a interface cast that assumes they implement the Equal method...

CVE-2025-10089

CVE-2025-10089 affects Mitsubishi Electric MILCO.S family (Setting/IR Setting/Easy Setting/Easy Switch) with an Uncontrolled Search Path Element vulnerability during installation. A local attacker could cause the installer to load a malicious DLL, enabling code execution. If MILCO.S Lighting Cont...

PT-2025-47246

Name of the Vulnerable Software and Affected Versions MILCO.S Setting Application all versions MILCO.S Setting Application IR all versions MILCO.S Easy Setting Application IR all versions MILCO.S Easy Switch Application IR all versions Description A security issue exists in the Setting and...

Keyfactor SignServer 安全漏洞

Keyfactor SignServer is a digital signature engine from Keyfactor USA. A security vulnerability exists in Keyfactor SignServer versions prior to 7.3.1 that stems from improper access control...

CVE-2025-31719

In TEE EcDSA algorithm, there is a possible memory consistency issue. This could lead to generated incorrect signature results with low probability...

CVE-2025-31719

In TEE EcDSA algorithm, there is a possible memory consistency issue. This could lead to generated incorrect signature results with low probability...