8 matches found

OSV
added 2026/04/15 4:17 a.m. | 2 views

UBUNTU-CVE-2026-39984

Sigstore Timestamp Authority is a service for issuing RFC 3161 timestamps. Versions 2.0.5 and below contain an authorization bypass vulnerability in the VerifyTimestampResponse function. VerifyTimestampResponse correctly verifies the certificate chain signature, but the TSA-specific constraint...

5.5 CVSS | 5.7 AI score | 0.00099 EPSS
Exploits: 0 | References: 3
Snyk
added 2026/01/27 4:49 p.m. | 6 views

Type Confusion

Overview: Affected versions of this package are vulnerable to Type Confusion in the TS_RESP_verify_response function. An ASN1_TYPE union member is accessed without first validating the type, causing an invalid or null pointer dereference when processing a malformed TimeStamp Response file. An attacker...

8.2 CVSS | 5.9 AI score | 0.00768 EPSS
Exploits: 1 | References: 2
NVD
added 2026/01/27 4:16 p.m. | 6 views

CVE-2025-69420

Issue summary: A type confusion vulnerability exists in the TimeStamp Response verification code where an ASN1_TYPE union member is accessed without first validating the type, causing an invalid or NULL pointer dereference when processing a malformed TimeStamp Response file. Impact summary: An...

7.5 CVSS | 0.00768 EPSS
Exploits: 1 | References: 7
Vulnrichment
added 2026/01/27 4:1 p.m. | 3 views

CVE-2025-69420 Missing ASN1_TYPE validation in TS_RESP_verify_response() function

Issue summary: A type confusion vulnerability exists in the TimeStamp Response verification code where an ASN1_TYPE union member is accessed without first validating the type, causing an invalid or NULL pointer dereference when processing a malformed TimeStamp Response file. Impact summary: An...

5.9 AI score | 0.00768 EPSS
Exploits: 1 | References: 6
EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2025-18798

Malicious code in bioql PyPI...

9.3 CVSS | 6.3 AI score | 0.00147 EPSS
Exploits: 0 | References: 3
NVD
added 2025/06/21 2:15 a.m. | 3 views

CVE-2025-52556

rfc3161-client is a Python library implementing the Time-Stamp Protocol (TSP) described in RFC 3161. Prior to version 1.0.3, there is a flaw in the timestamp response signature verification logic. In particular, chain verification is performed against the TSR's embedded certificates up to the trust...

9.3 CVSS | 0.00147 EPSS
Exploits: 0 | References: 2
CVE
added 2025/06/21 1:33 a.m. | 41 views

CVE-2025-52556

CVE-2025-52556 affects the Python library rfc3161-client. Prior to version 1.0.3, the timestamp response signature verification flaw arises because chain verification checks the TSR’s embedded certificates up to trusted roots but does not verify the TSR’s own signature against the timestamping le...

9.3 CVSS | 6.4 AI score | 0.00147 EPSS
Exploits: 0 | References: 2
OSV
added 2025/06/21 1:33 a.m. | 1 view

CVE-2025-52556 rfc3161-client has insufficient verification for timestamp response signatures

rfc3161-client is a Python library implementing the Time-Stamp Protocol (TSP) described in RFC 3161. Prior to version 1.0.3, there is a flaw in the timestamp response signature verification logic. In particular, chain verification is performed against the TSR's embedded certificates up to the trust...

9.3 CVSS | 6.5 AI score | 0.00147 EPSS
Exploits: 0 | References: 4