The vulnerability of the FortiDDoS software-defined security device, which stems from the use of a strictly encrypted cryptographic key, allows attackers to sign JWT tokens for various devices.

The vulnerability of the FortiDDoS software protection system against DDoS attacks is related to the use of a strictly encrypted cryptographic key. Exploiting this vulnerability allows a malicious actor to sign JWT tokens for various devices remotely...

NCR SelfServ ATMs APTRA XFS Encryption Issue Vulnerability

NCR SelfServ ATMs is a self-service ATM machine device. A cryptographic issue vulnerability exists in NCR SelfServ ATMs APTRA XFS, which can be exploited by a remote attacker to sign arbitrary files and CAB archives used to update the BNA software, bypass the application whitelist, and execute...

[SECURITY] Fedora 24 Update: obs-signd-2.2.1-8.fc24

The OpenSUSE Build Service sign client and daemon. This daemon can be used to sign anything via gpg by communicating with a remote server to avoid the need to host the private key on the same server...