Lucene search
K

249 matches found

CNNVD
CNNVD
added 2025/07/28 12:0 a.m.5 views

HP Linux Imaging and Printing Software 安全漏洞

HP Linux Imaging and Printing Software is a Hewlett-Packard HP USA installation, usage and management software package that supports HP printers and scanners. A security vulnerability exists in HP Linux Imaging and Printing Software that originates from the use of a weak DSA signing key...

9.1CVSS6.5AI score0.00244EPSS
Exploits0References2
Hewlett-Packard
Hewlett-Packard
added 2025/07/25 12:0 a.m.22 views

HP Linux Imaging and Printing Software - Use of DSA Key

A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software documentation. This potential vulnerability is due to the use of a weak code signing key, Digital Signature Algorithm DSA. HP has identified affected versions and the minimum software version that...

9.1CVSS6.6AI score0.00244EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2025/07/25 12:0 a.m.7 views

PT-2025-31134

Name of the Vulnerable Software and Affected Versions HP Linux Imaging and Printing Software affected versions not specified Description A potential security issue exists due to the use of a weak code signing key employing the Digital Signature Algorithm DSA. Recommendations At the moment, there ...

9.8CVSS5.9AI score0.01333EPSS
Exploits0References34
Microsoft CVE
Microsoft CVE
added 2025/07/11 7:0 a.m.7 views

net: dsa: free routing table on probe failure

...

7.8CVSS7.2AI score0.0016EPSS
Exploits0
OSV
OSV
added 2025/05/31 10:34 a.m.8 views

SUSE-SU-2025:01788-1 Security update for java-1_8_0-ibm

This update for java-180-ibm fixes the following issues: Update to Java 8.0 Service Refresh 8 Fix Pack 45. Security issues fixed: - Oracle April 15 2025 CPU bsc1242208 CVE-2025-21587: unauthorized access, deletion and modification of critical data via the JSSE component bsc1241274. CVE-2025-30691...

7.8CVSS7.2AI score0.0073EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2025/05/22 1:54 a.m.5 views

CVE-2014-8587

SAPCRYPTOLIB before 5.555.38, SAPSECULIB, and CommonCryptoLib before 8.4.30, as used in SAP NetWeaver AS for ABAP and SAP HANA, allows remote attackers to spoof Digital Signature Algorithm DSA signatures via unspecified vectors...

7.5CVSS7.1AI score0.01285EPSS
Exploits0References1
OSV
OSV
added 2025/05/21 1:16 p.m.4 views

ALPINE-CVE-2025-40775

When an incoming DNS protocol message includes a Transaction Signature TSIG, BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20.8 and 9.21.0 through 9.21.7...

7.5CVSS6.9AI score0.11727EPSS
Exploits1References1
Amazon
Amazon
added 2025/04/29 12:0 a.m.6 views

Important: runc

Issue Overview: Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly fails to reject the header as invalid. CVE-2022-1705 Uncontrolled...

7.8CVSS7.4AI score0.05416EPSS
Exploits6
BDU FSTEC
BDU FSTEC
added 2025/04/10 12:0 a.m.8 views

The vulnerability of the implementation of the AWS4-HMAC-SHA256 algorithm in the cross-platform FTP server CrushFTP allows a hacker to bypass security restrictions, gain access to the administrator account, and execute arbitrary commands.

The vulnerability of the AWS4-HMAC-SHA256 algorithm implementation in the cross-platform FTP server CrushFTP relates to the bypassing of authentication by using the default crushadmin account. Exploiting this vulnerability allows a malicious actor to circumvent security restrictions, gain access ...

10CVSS8.3AI score0.99947EPSS
Exploits18References8Affected Software1
NVD
NVD
added 2025/03/21 3:15 p.m.23 views

CVE-2021-25635

An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to self sign an ODF document, with a signature untrusted by the target, then modify it to change the signature algorithm to an invalid or unknown to LibreOffice algorithm and LibreOffice would incorrectly present...

5.5CVSS0.00135EPSS
Exploits0References1
OSV
OSV
added 2025/03/21 3:15 p.m.1 views

UBUNTU-CVE-2021-25635

An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to self sign an ODF document, with a signature untrusted by the target, then modify it to change the signature algorithm to an invalid or unknown to LibreOffice algorithm and LibreOffice would incorrectly present...

5.2CVSS7.1AI score0.00135EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/03/21 2:52 p.m.11 views

CVE-2021-25635 Content Manipulation with Certificate Validation Attack

An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to self sign an ODF document, with a signature untrusted by the target, then modify it to change the signature algorithm to an invalid or unknown to LibreOffice algorithm and LibreOffice would incorrectly present...

5.2CVSS6.3AI score0.00135EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/02/20 2:31 p.m.3 views

SUSE CVE-2025-0509

A security issue was found in Sparkle before version 2.6.4. An attacker can replace an existing signed update with another payload, bypassing Sparkle's EdDSA signing checks...

7.3CVSS8.8AI score0.00886EPSS
Exploits0References3
OSV
OSV
added 2024/12/25 10:9 a.m.6 views

CLSA-2024-1735121358 openssl: Fix of CVE-2024-4603

CVE-2024-4603: Check DSA parameters for excessive sizes before validating...

5.3CVSS6.8AI score0.01131EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/10/24 12:0 a.m.8 views

PT-2024-40926 · Pqcrypto · Pqcrypto

Name of the Vulnerable Software and Affected Versions: pqcrypto crate affected versions not specified Description: The pqcrypto crate has been replaced by pqcrypto-mldsa, which provides a FIPS204-compatible implementation of ML-DSA. Recommendations: At the moment, there is no information about a...

7AI score
Exploits0References3
NVD
NVD
added 2024/10/18 8:15 a.m.20 views

CVE-2023-6057

A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality that results in the improper trust of certificates issued using the DSA signature algorithm. The product does not properly check the certificate chain, allowing an attacker to establish MITM SSL...

8.6CVSS0.00217EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/18 7:38 a.m.13 views

CVE-2023-6057 Insecure Trust of DSA-Signed Certificates in Bitdefender Total Security HTTPS Scanning (VA-11166)

A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality that results in the improper trust of certificates issued using the DSA signature algorithm. The product does not properly check the certificate chain, allowing an attacker to establish MITM SSL...

8.6CVSS6.9AI score0.00217EPSS
Exploits0References1
OSV
OSV
added 2024/05/16 4:15 p.m.8 views

AZL-42766 CVE-2024-4603 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1

Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVPPKEYparamcheck or EVPPKEYpubliccheck to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked...

5.3CVSS6.6AI score0.01131EPSS
Exploits0References1
OSV
OSV
added 2024/05/16 4:15 p.m.7 views

AZL-47684 CVE-2024-4603 affecting package hvloader for versions less than 1.0.1-6

Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVPPKEYparamcheck or EVPPKEYpubliccheck to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked...

5.3CVSS6.6AI score0.01131EPSS
Exploits0References1
OSV
OSV
added 2024/05/16 4:15 p.m.4 views

DEBIAN-CVE-2024-4603

Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVPPKEYparamcheck or EVPPKEYpubliccheck to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked...

5.3CVSS6.7AI score0.01131EPSS
Exploits0References1
Rows per page
Query Builder