Lucene search
+L

6 matches found

nvd
nvd
added 2026/04/10 4:17 a.m.9 views

CVE-2026-5466

wolfSSL's ECCSI signature verifier wcVerifyEccsiHash decodes the r and s scalars from the signature blob via mpreadunsignedbin with no check that they lie in 1, q-1. A crafted forged signature could verify against any message for any identity, using only publicly-known constants...

8.1CVSS0.00147EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/04/10 3:0 a.m.2 views

CVE-2026-5466

wolfSSL's ECCSI signature verifier wcVerifyEccsiHash decodes the r and s scalars from the signature blob via mpreadunsignedbin with no check that they lie in 1, q-1. A crafted forged signature could verify against any message for any identity, using only publicly-known constants...

7.6CVSS5.9AI score0.00147EPSS
Exploits0References2
cve
cve
added 2026/04/10 3:0 a.m.46 views

CVE-2026-5466

CVE-2026-5466 affects wolfSSL’s ECCSI verifier wc_VerifyEccsiHash, which decodes r and s without validating they lie in [1, q-1]. This could allow forging a signature to verify against any message for any identity using publicly-known constants. Connected docs confirm the root cause: missing sani...

8.1CVSS5.9AI score0.00147EPSS
Exploits0References1Affected Software1
ptsecurity
ptsecurity
added 2026/04/10 12:0 a.m.7 views

PT-2026-31862

Name of the Vulnerable Software and Affected Versions wolfSSL affected versions not specified Description The ECCSI signature verifier wc VerifyEccsiHash in wolfSSL decodes the r and s scalars from the signature blob using mp read unsigned bin without verifying that these values fall within the...

7.6CVSS5.8AI score0.00147EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2023/11/16 12:0 a.m.3 views

PT-2023-8855 · Vim +6 · Vim +6

Name of the Vulnerable Software and Affected Versions: Vim versions prior to 9.0.2108 Description: The issue is related to the use of large values for the :s command, which can exceed the capacity of a signed long variable, potentially leading to a crash. The impact is considered low, and user...

7.8CVSS6.5AI score0.01527EPSS
Exploits10References141
cnvd
cnvd
added 2019/05/20 12:0 a.m.3 views

WordPress Virim Deserialization Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Virim plugin is used in one of the website social activity analysis plugin. Virim plugin 0.4 for WordPress allows unsafe deserializatio...

9.8CVSS6.8AI score0.02417EPSS
Exploits1References1
Rows per page
Query Builder