Lucene search
+L

15 matches found

HackRead
HackRead
added 2026/06/09 4:50 p.m.16 views

E-Signature Security Checklist Before Selecting an E-Signature Tool

Electronic signature security starts before the first document is sent. A company needs to know how files are…...

5.5AI score
Exploits0
CNNVD
CNNVD
added 2026/05/25 12:0 a.m.11 views

Krajowa Izba Rozliczeniowa Szafir SDK 安全漏洞

Krajowa Izba Rozliczeniowa Szafir SDK is an electronic signature development kit from Krajowa Izba Rozliczeniowa, Poland. A security vulnerability exists in the Krajowa Izba Rozliczeniowa Szafir SDK that stems from the cryptographic digital signature verification process returning a success statu...

9.3CVSS5.9AI score0.00307EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/23 12:0 a.m.8 views

Tap&Sign cross-site scripting vulnerabilities

Tap&Sign is a user-friendly and legally binding electronic signature solution provided by Tap&Sign Corporation. Versions of Tap&Sign prior to 23012026 contained a cross-site scripting vulnerability, which was caused by improper input handling and could lead to cross-site scripting attacks...

4.7CVSS5.6AI score0.00292EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/01/10 12:0 a.m.7 views

QES-Backed Virtual FIDO2 Authenticators: Architectural Options for Secure, Synchronizable WebAuthn Credentials

FIDO2 and the WebAuthn standard offer phishing-resistant, public-key based authentication but traditionally rely on device-bound cryptographic keys that are not naturally portable across user devices. Recent passkey deployments address this limitation by enabling multi-device credentials...

6.7AI score
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.60 views

EUVD-2025-24062

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.0041EPSS
Exploits1References5
NVD
NVD
added 2025/08/09 9:15 p.m.59 views

CVE-2025-8775

A vulnerability was found in Qiyuesuo Eelectronic Signature Platform up to 4.34 and classified as critical. Affected by this issue is the function execute of the file /api/code/upload of the component Scheduled Task Handler. The manipulation of the argument File leads to unrestricted upload. The...

9.8CVSS0.0041EPSS
Exploits1References5
OSV
OSV
added 2025/08/09 9:15 p.m.5 views

CVE-2025-8775

A vulnerability was found in Qiyuesuo Eelectronic Signature Platform up to 4.34 and classified as critical. Affected by this issue is the function execute of the file /api/code/upload of the component Scheduled Task Handler. The manipulation of the argument File leads to unrestricted upload. The...

9.8CVSS5.4AI score0.0041EPSS
Exploits1References5
CVE
CVE
added 2025/08/09 9:2 p.m.30 views

CVE-2025-8775

The CVE-2025-8775 affects Qiyuesuo Eelectronic Signature Platform versions up to 4.34. The vulnerability is in the execute function of /api/code/upload within the Scheduled Task Handler; manipulating the File argument enables unrestricted file uploads and could be exploited remotely. The exploit ...

9.8CVSS7.1AI score0.0041EPSS
Exploits1References5Affected Software1
CNNVD
CNNVD
added 2025/08/09 12:0 a.m.5 views

Qiyuesuo Eelectronic Signature Platform 代码问题漏洞

Qiyuesuo Eelectronic Signature Platform is an e-signature and e-contract management platform from China Contract Lock Qiyuesuo. A code issue vulnerability exists in Qiyuesuo Eelectronic Signature Platform version 4.34 and earlier, which stems from improper handling of the parameter File in...

9.8CVSS6.5AI score0.0041EPSS
Exploits1References6
BDU FSTEC
BDU FSTEC
added 2021/10/20 12:0 a.m.18 views

The vulnerability of the POST request processing mechanism of the enhanced qualified electronic signature service for operating systems “EMIAS” allows a perpetrator to execute arbitrary code.

The vulnerability of the POST request processing mechanism of the enhanced qualified electronic signature service for operating systems “EMIAS” exists due to the failure to take measures to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a...

10CVSS5.9AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/10/20 12:0 a.m.4 views

The vulnerability of the POST request processing mechanism of the enhanced qualified electronic signature service for operating systems “EMIAS” allows a perpetrator to disclose information about the user’s name.

The vulnerability of the POST request processing mechanism of the enhanced qualified electronic signature service for operating systems “EMIAS” is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor, acting remotely, to disclose informatio...

5.3CVSS5.5AI score
Exploits0Affected Software1
hackapp
hackapp
added 2016/04/06 10:54 a.m.10 views

Электронная Подпись за 9 минут - Customized SSL, WebView SSL handling enabled, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Электронная Подпись за 9 минут published at the 'play' market has multiple vulnerabilities...

0.7AI score
Exploits0References1Affected Software1
CNVD
CNVD
added 2015/07/12 12:0 a.m.6 views

Microsec e-Szigno XML Digital Signature Forgery Security Bypass Vulnerability

Microsec e-Szigno is a suite of electronic signature authentication applications. Microsec e-Szigno does not validate the signature of specially crafted XML files, allowing attackers to bypass XML digital signature validation by performing man-in-the-middle attacks to forge XML file content and...

7.8CVSS7AI score0.02118EPSS
Exploits0References1
Cisco Threats
Cisco Threats
added 2015/04/23 5:13 p.m.23 views

Threat Outbreak Alert RuleID14867: Email Messages Distributing Malicious Software on April 23, 2015

Medium Alert ID: 38509 First Published: 2015 April 23 17:13 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID14867 may contain the following files: Name | Si...

0.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2011/02/07 12:0 a.m.186 views

SigPlus Pro ActiveX Control < 4.29 Multiple Vulnerabilities

The SigPlus Pro ActiveX control, used for electronic signature integration with Topaz signature pads and installed on the remote Windows host, is earlier than 4.29. Such versions reportedly are affected by the following vulnerabilities : - The 'SetLogFilePath' method allows creation of a log file...

9.3CVSS6AI score0.05539EPSS
Exploits0References4
Rows per page
Query Builder