
29 matches found

AstraLinux
added 2026/05/20 5:53 a.m. · 2 views

Astra Linux - vulnerability in libssh

A vulnerability was discovered in libssh, where an uninitialized variable exists under certain conditions within the privatekey_from_file function. This flaw can be exploited if the file specified by the filename does not exist, and it may lead to potential signing failures or heap corruption...

CVSS 3.6 · AI score 6.5 · EPSS 0.002
Exploits: 0 · References: 2
RedhatCVE
added 2026/03/26 3:14 p.m. · 2 views

CVE-2025-52648

HCL AION is affected by a vulnerability where offering images are not digitally signed. Lack of image signing may allow the use of unverified or tampered images, potentially leading to security risks such as integrity compromise or unintended behavior in the system...

CVSS 4.8 · AI score 5.8 · EPSS 0.00016
Exploits: 0 · References: 1
EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2016-3217

Malware in sbrugna...

CVSS 5.9 · AI score 6.5 · EPSS 0.05863
Exploits: 0 · References: 35
EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2025-26877

Malicious code in bioql PyPI...

CVSS 6 · AI score 6.4 · EPSS 0.00056
Exploits: 0 · References: 3
Vulnrichment
added 2025/09/17 5:50 p.m. · 3 views

CVE-2025-59339 The Bastion ttyrec files are not signed after encryption by the osh-encrypt-rsync script

The Bastion provides authentication, authorization, traceability and auditability for SSH accesses. Session-recording ttyrec files may be handled by the provided osh-encrypt-rsync script, a helper to rotate, encrypt, sign, copy, and optionally move them to a remote storage periodically, i...

CVSS 4.4 · AI score 6.5 · EPSS 0.00015
Exploits: 0 · References: 2
Microsoft CVE
added 2025/08/07 7:0 a.m. · 1 view

Libtpms contains a possible out-of-bound access and abort due to HMAC signing issue

...

CVSS 5.9 · AI score 7 · EPSS 0.00096
Exploits: 0
CVE
added 2025/07/08 10:34 a.m. · 17 views

CVE-2025-23364

Siemens TIA Administrator (all versions before 3.0.6) contains a vulnerability where code signing certificates are not properly validated. This could allow bypassing the certificate check and executing arbitrary code during installation. The issue is documented across multiple sources (e.g., Red ...

CVSS 8.4 · AI score 7.5 · EPSS 0.00031
Exploits: 0 · References: 1 · Affected Software: 1
CVE
added 2025/06/10 7:46 p.m. · 117 views

CVE-2025-49133

The CVE-2025-49133 entry affects libtpms, a TPM functionality library for virtual machines, with a flaw in CryptHmacSign that pairs signKey (ALG_KEYEDHASH) with inScheme (ECC/RSA) leading to an out-of-bounds read. The issue can be triggered by sending malicious TPM 2.0 commands to a vTPM (swtpm) ...

CVSS 5.9 · AI score 7.4 · EPSS 0.00096
Exploits: 0 · References: 5 · Affected Software: 1
Cvelist
added 2025/06/10 7:46 p.m. · 13 views

CVE-2025-49133 Libtpms contains a possible out-of-bound access and abort due to HMAC signing issue

Libtpms is a library that targets the integration of TPM functionality into hypervisors, primarily into Qemu. Libtpms, which is derived from the TPM 2.0 reference implementation code published by the Trusted Computing Group, is prone to a potential out-of-bounds (OOB) read vulnerability. The...

CVSS 5.9 · EPSS 0.00096
Exploits: 0 · References: 4
Tenable Nessus
added 2025/05/26 12:0 a.m. · 4 views

Ubuntu 25.04 : Flask vulnerability (USN-7534-1)

The remote Ubuntu 25.04 host has a package installed that is affected by a vulnerability as referenced in the USN-7534-1 advisory. It was discovered that Flask incorrectly handled key rotation. An attacker could possibly use this issue to sign sessions with stale keys. Tenable has extracted the...

CVSS 1.8 · AI score 6.5 · EPSS 0.00106
Exploits: 0 · References: 2
NVD
added 2025/05/22 7:15 p.m. · 7 views

CVE-2024-13946

DLLs are not digitally signed when loaded in ASPECT's configuration toolset, exposing the application to binary planting during device commissioning. This issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...

CVSS 7.1 · EPSS 0.01113
Exploits: 3 · References: 1
RedhatCVE
added 2025/05/22 3:54 a.m. · 7 views

CVE-2012-3698

Apple Xcode before 4.4 does not properly compose a designated requirement (DR) during signing of programs that lack bundle identifiers, which allows remote attackers to read keychain entries via a crafted app, as demonstrated by the keychain entries of a (1) helper tool or (2) command-line tool...

CVSS 5 · AI score 6.4 · EPSS 0.0025
Exploits: 1 · References: 1
OSV
added 2025/05/13 4:15 p.m. · 2 views

DEBIAN-CVE-2025-47278

Flask is a web server gateway interface (WSGI) web application framework. In Flask 3.1.0, the way fallback key configuration was handled resulted in the last fallback key being used for signing, rather than the current signing key. Signing is provided by the itsdangerous library. A list of keys can...

CVSS 1.8 · AI score 5.4 · EPSS 0.00106
Exploits: 0 · References: 1
OSV
added 2023/07/13 6:15 p.m. · 2 views

CVE-2023-30559

The firmware update package for the wireless card is not properly signed and can be modified...

CVSS 5.7 · AI score 5.8
Exploits: 0 · References: 1
Positive Technologies
added 2023/07/13 12:0 a.m. · 3 views

PT-2023-22786 · Unknown · Wireless Card Firmware

Name of the Vulnerable Software and Affected Versions: Wireless card firmware affected versions not specified Description: The issue concerns the firmware update package for the wireless card, which is not properly signed and can be modified. Additionally, the configuration from the PCU can be...

CVSS 5.7 · AI score 5.5 · EPSS 0.00082
Exploits: 0 · References: 4
Positive Technologies
added 2023/04/27 12:0 a.m. · 1 view

PT-2023-33039 · Jose4J · Jose4J

Name of the Vulnerable Software and Affected Versions: jose4j (affected versions not specified). Description: The issue in jose4j allows for chosen ciphertext attacks, enabling the decryption of RSA1_5 or RSA_OAEP encrypted ciphertexts. This could potentially allow an attacker to sign with affected...

AI score 6.8
Exploits: 0 · References: 6
Vulnrichment
added 2023/03/03 12:0 a.m. · 3 views

CVE-2023-27574

ShadowsocksX-NG 1.10.0 signs with com.apple.security.get-task-allow entitlements because of CODE_SIGNING_INJECT_BASE_ENTITLEMENTS...

AI score 7.2 · EPSS 0.00146
Exploits: 0 · References: 2
Positive Technologies
added 2022/09/05 12:0 a.m. · 2 views

PT-2022-25018 · Samsung · Samsung Mtower

Name of the Vulnerable Software and Affected Versions: Samsung mTower versions 0.3.0 and earlier. Description: The issue is related to a missing check on the return value of EC_KEY_set_private_key in the sign_pFwInfo function, leading to a denial of service. Recommendations: For Samsung mTower...

CVSS 7.5 · AI score 7.3 · EPSS 0.00439
Exploits: 1 · References: 6
OSV
added 2021/07/10 5:33 p.m. · 4 views

OPENSUSE-SU-2021:1666-1 Security update for java-1_8_0-openj9

This update for java-1_8_0-openj9 fixes the following issues: - Update to OpenJDK 8u292 build 10 with OpenJ9 0.26.0 virtual machine. - CVE-2021-2161: Fixed incomplete enforcement of JAR signing disabled algorithms (bsc#1185055)...

CVSS 5.3 · AI score 6.6 · EPSS 0.00081
Exploits: 0 · References: 3
OSV
added 2019/10/06 9:57 a.m. · 9 views

OPENSUSE-SU-2019:2260-1 Security update for MozillaFirefox

This update for MozillaFirefox to 68.1 fixes the following issues: Security issues fixed: - CVE-2019-9811: Fixed a sandbox escape via installation of malicious language pack (bsc#1140868). - CVE-2019-9812: Fixed a sandbox escape through Firefox Sync (bsc#1149294). - CVE-2019-11710: Fixed several memory...

CVSS 9.8 · AI score 7.2 · EPSS 0.0152
Exploits: 8 · References: 51