10 matches found

Positive Technologies
added 2026/05/08 12:0 a.m., 8 views

PT-2026-38845

A security issue was found in Sparkle before version 2.6.4. An attacker can replace an existing signed update with another payload, bypassing Sparkle’s EdDSA signing checks...

7.3 CVSS, 5.7 AI score, 0.00849 EPSS
Exploits: 0, References: 5

Positive Technologies
added 2026/05/06 12:0 a.m., 3 views

PT-2026-37824

A security issue was found in Sparkle before version 2.6.4. An attacker can replace an existing signed update with another payload, bypassing Sparkle’s EdDSA signing checks...

7.3 CVSS, 7.2 AI score, 0.00849 EPSS
Exploits: 0, References: 5

CNNVD
added 2026/03/30 12:0 a.m., 8 views

TrueConf Client Security Vulnerability

TrueConf Client is a video conferencing and collaboration software client developed by TrueConf Company in Lithuania. There is a security vulnerability in TrueConf Client, which stems from the lack of validation during the download of application update code. This vulnerability could allow...

7.8 CVSS, 6.2 AI score, 0.0575 EPSS
Exploits: 2, References: 2

EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2025-0232

Malicious code in bioql PyPI...

7.3 CVSS, 8.9 AI score, 0.00849 EPSS
Exploits: 0, References: 6

OSV
added 2025/02/04 9:32 p.m., 7 views

GHSA-WC9M-R3V6-9P5H Sparkle Signing Checks Bypass

A security issue was found in Sparkle before version 2.6.4. An attacker can replace an existing signed update with another payload, bypassing Sparkle’s EdDSA signing checks...

7.3 CVSS, 7.1 AI score, 0.00849 EPSS
Exploits: 0, References: 5

NVD
added 2025/02/04 8:15 p.m., 13 views

CVE-2025-0509

A security issue was found in Sparkle before version 2.6.4. An attacker can replace an existing signed update with another payload, bypassing Sparkle’s EdDSA signing checks...

7.3 CVSS, 0.00849 EPSS
Exploits: 0, References: 3

Cvelist
added 2025/02/04 8:1 p.m., 11 views

CVE-2025-0509 Signing Checks Bypass

A security issue was found in Sparkle before version 2.6.4. An attacker can replace an existing signed update with another payload, bypassing Sparkle’s EdDSA signing checks...

7.3 CVSS, 0.00849 EPSS
Exploits: 0, References: 2

Debian CVE
added 2025/02/04 8:1 p.m., 15 views

CVE-2025-0509

A security issue was found in Sparkle before version 2.6.4. An attacker can replace an existing signed update with another payload, bypassing Sparkle’s EdDSA signing checks...

7.3 CVSS, 8.3 AI score, 0.00849 EPSS
Exploits: 0

CVE
added 2025/02/04 8:1 p.m., 166 views

CVE-2025-0509

The CVE-2025-0509 entry concerns the Sparkle update framework. Affected software: Sparkle prior to version 2.6.4. Issue: an attacker can replace an existing signed update with another payload, bypassing Sparkle’s (Ed)DSA signing checks, compromising update integrity. Impact: potential execution o...

7.3 CVSS, 7.2 AI score, 0.00849 EPSS
Exploits: 0, References: 3, Affected Software: 2

BDU FSTEC
added 2023/04/25 12:0 a.m., 1 views

The vulnerability of the ClamAV antivirus program lies in the improper restriction of recursive references to objects in the DTDs, which allows a hacker to gain access to confidential information.

The vulnerability in the ClamAV scanning library relates to the possibility of replacing the XML payload, which may lead to the insertion of an external payload. Exploiting this vulnerability allows a malicious actor to send specially created XML code to the antivirus software and to read bytes...

5.3 CVSS, 7.3 AI score, 0.06675 EPSS
Exploits: 5, References: 4, Affected Software: 4