EUVD-2021-30328

Malicious code in bioql PyPI...

CVE-2021-43393

STMicroelectronics STSAFE-J 1.1.4, J-SAFE3 1.2.5, and J-SIGN sometimes allow attackers to abuse signature verification. This is associated with the ECDSA signature algorithm on the Java Card J-SAFE3 and STSAFE-J platforms exposing a 3.0.4 Java Card API. It is exploitable for STSAFE-J in closed...

CVE-2021-43393

STMicroelectronics STSAFE-J 1.1.4, J-SAFE3 1.2.5, and J-SIGN sometimes allow attackers to abuse signature verification. This is associated with the ECDSA signature algorithm on the Java Card J-SAFE3 and STSAFE-J platforms exposing a 3.0.4 Java Card API. It is exploitable for STSAFE-J in closed...

CVE-2021-43392

STMicroelectronics STSAFE-J 1.1.4, J-SAFE3 1.2.5, and J-SIGN sometimes allow attackers to obtain information on cryptographic secrets. This is associated with the ECDSA signature algorithm on the Java Card J-SAFE3 and STSAFE-J platforms exposing a 3.0.4 Java Card API. It is exploitable for STSAFE...

Code injection

STMicroelectronics STSAFE-J 1.1.4, J-SAFE3 1.2.5, and J-SIGN sometimes allow attackers to obtain information on cryptographic secrets. This is associated with the ECDSA signature algorithm on the Java Card J-SAFE3 and STSAFE-J platforms exposing a 3.0.4 Java Card API. It is exploitable for STSAFE...

Code injection

STMicroelectronics STSAFE-J 1.1.4, J-SAFE3 1.2.5, and J-SIGN sometimes allow attackers to abuse signature verification. This is associated with the ECDSA signature algorithm on the Java Card J-SAFE3 and STSAFE-J platforms exposing a 3.0.4 Java Card API. It is exploitable for STSAFE-J in closed...

CVE-2021-43392

CVE-2021-43392 affects STMicroelectronics STSAFE-J 1.1.4, J-SAFE3 1.2.5, and J-SIGN, exposing information about cryptographic secrets via the ECDSA signature algorithm on the Java Card 3.0.4 API. The issue is exploitable for STSAFE-J in closed configurations and for J-SIGN when signature verifica...

CVE-2021-43392

STMicroelectronics STSAFE-J 1.1.4, J-SAFE3 1.2.5, and J-SIGN sometimes allow attackers to obtain information on cryptographic secrets. This is associated with the ECDSA signature algorithm on the Java Card J-SAFE3 and STSAFE-J platforms exposing a 3.0.4 Java Card API. It is exploitable for STSAFE...

CVE-2021-43393

STMicroelectronics STSAFE-J 1.1.4, J-SAFE3 1.2.5, and J-SIGN sometimes allow attackers to abuse signature verification. This is associated with the ECDSA signature algorithm on the Java Card J-SAFE3 and STSAFE-J platforms exposing a 3.0.4 Java Card API. It is exploitable for STSAFE-J in closed...

CVE-2021-43393

CVE-2021-43393 affects STMicroelectronics STSAFE-J 1.1.4, J-SAFE3 1.2.5, and J-SIGN, due to how ECDSA verification is exposed via the Java Card API (3.0.4). The issue allows abuse of signature verification and is exploitable for STSAFE-J in closed configurations and J-SIGN when verification is ac...

STMicroelectronics STSAFE-J 数据伪造问题漏洞

The STMicroelectronics STSAFE-J is a highly secure solution from STMicroelectronics Switzerland. It acts as a security element by providing authentication, data management and encryption services to local or remote hosts. Security vulnerabilities exist in the STMicroelectronics STSAFE-J that coul...