Lucene search
+L

21 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-8122

Malware in sbrugna...

7.8CVSS7.7AI score0.00791EPSS
Exploits1References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2004-0004

Malware in sbrugna...

7.5CVSS6.4AI score0.0209EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/08/09 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-6547

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Input Validation vulnerability in pbkdf2 allows Signature Spoofing by Improper Validation.This issue affects pbkdf2: =3.1.2. CVE-2025-6547 Note that...

9.1CVSS6.2AI score0.00387EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/05 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-11696

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The application failed to account for exceptions thrown by the loadManifestFromFile method during add-on signature verification. This flaw, triggered by an...

5.4CVSS6.8AI score0.0035EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 4:38 a.m.7 views

CVE-2023-44077

Studio Network Solutions ShareBrowser before 7.0 on macOS mishandles signature verification, aka PMP-2636...

9.8CVSS6.9AI score0.00385EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 2:12 a.m.20 views

CVE-2015-3298

Yubico ykneo-openpgp before 1.0.10 has a typo in which an invalid PIN can be used. When first powered up, a signature will be issued even though the PIN has not been validated...

8.8CVSS6.8AI score0.00651EPSS
Exploits1References1
CVE
CVE
added 2025/05/13 4:33 p.m.58 views

CVE-2025-4658

CVE-2025-4658 affects the OpenPubkey library prior to 0.10.0, which allows a specially crafted JWS to bypass signature verification. Because OPKSSH relies on OpenPubkey for authentication, OPKSSH versions prior to 0.5.0 are also vulnerable and could bypass authentication. Public references in OSV...

9.8CVSS6.9AI score0.00295EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2025/03/31 4:0 a.m.23 views

CVE-2025-2975 GFI KerioConnect Signature EditHtmlSource cross site scripting

A vulnerability was found in GFI KerioConnect 10.0.6 and classified as problematic. This issue affects some unknown processing of the file Settings/Email/Signature/EditHtmlSource of the component Signature Handler. The manipulation leads to cross site scripting. The attack may be initiated...

5.1CVSS0.00275EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/03/27 12:0 a.m.13 views

Amazon Linux 2 : perl-App-cpanminus (ALAS-2025-2802)

The version of perl-App-cpanminus installed on the remote host is prior to 1.6922-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2802 advisory. The App::cpanminus package 1.7044 for Perl allows Signature Verification Bypass. CVE-2020-16154 Tenable has extracted t...

7.8CVSS7.3AI score0.00713EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2025/03/13 12:0 a.m.8 views

CVE-2020-36843

The implementation of EdDSA in EdDSA-Java aka ed25519-java through 0.3.0 exhibits signature malleability and does not satisfy the SUF-CMA Strong Existential Unforgeability under Chosen Message Attacks property. This allows attackers to create new valid signatures different from previous signature...

4.3CVSS5.9AI score0.00134EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2023/06/13 5:30 p.m.8 views

CVE-2023-28602

Zoom for Windows clients prior to 5.13.5 contain an improper verification of cryptographic signature vulnerability. A malicious user may potentially downgrade Zoom Client components to previous versions...

2.8CVSS6.8AI score0.00312EPSS
Exploits0References1
OSV
OSV
added 2022/07/13 8:44 p.m.8 views

MGASA-2022-0259 Updated gnupg2 packages fix security vulnerability

In unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints e.g., use of GPGME are met, allows signature forgery via injection into the status line. CVE-2022-34903...

6.5CVSS6.7AI score0.02551EPSS
Exploits1References4
OSV
OSV
added 2022/05/17 12:28 a.m.31 views

GHSA-9PXM-8G95-Q5XR Insufficient Data Verification in io.really:jwt-scala

jwt-scala 1.2.2 and earlier fails to verify token signatures correctly which may lead to an attacker being able to pass specially crafted JWT data as a correctly signed token...

5.3CVSS5.2AI score0.00583EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/02/11 12:0 a.m.7 views

Multiple Embedded TCP/IP Security Feature Issue Vulnerability

Multiple Embedded TCP/IP is a highly efficient embedded stack developed using a verifiable process and in strict compliance with the MISRA coding standard. Multiple Embedded TCP/IP suffers from a security signature issue vulnerability that could allow an attacker to spoof or corrupt a TCP...

9.1CVSS7.3AI score0.00871EPSS
Exploits0References5
Qualys Blog
Qualys Blog
added 2020/02/07 7:38 p.m.243 views

New EOL QIDs for Microsoft Windows 7 and 2008/R2

Qualys Vulnerability Signature, version 2.4.815-2, will include EOL QIDs detections for end-of-life software for Windows 7, Windows 2008, and Windows 2008 R2. Customers will be able to scan the QIDs shown below using Qualys Vulnerability Management VM: QID 105859 - EOL/Obsolete Operating System:...

1.6AI score
Exploits0
OSV
OSV
added 2018/06/15 2:29 a.m.8 views

CVE-2018-12356

An issue was discovered in password-store.sh in pass in Simple Password Store 1.7.x before 1.7.2. The signature verification routine parses the output of GnuPG with an incomplete regular expression, which allows remote attackers to spoof file signatures on configuration files and extension script...

9.8CVSS9.6AI score
Exploits0References8
Palo Alto Networks
Palo Alto Networks
added 2018/01/02 6:9 p.m.522 views

ROBOT attack against PAN-OS

ROBOT is an attack that affects the TLS RSA key exchange and could lead to decryption of captured sessions if the TLS server originally serving said captured session is still alive, vulnerable and using the same private key. PAN-89936 / CVE-2017-17841 While SSL Decryption and GlobalProtect are...

1.2AI score0.02408EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2013/12/11 12:0 a.m.46 views

CVE-2013-3900 WinVerifyTrust Signature Validation Vulnerability

...

5.5CVSS7.5AI score0.44647EPSS
Exploits1References1
OSV
OSV
added 2013/09/24 9:40 p.m.12 views

MGASA-2013-0289 Updated perl-Crypt-DSA package fixes security vulnerability

The Crypt::DSA aka Crypt-DSA module 1.17 and earlier for Perl, when /dev/random is absent, uses the Data::Random module, which makes it easier for remote attackers to spoof a signature, or determine the signing key of a signed message, via a brute-force attack CVE-2011-3599. This update removes t...

5.8CVSS6.3AI score0.01958EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2011/11/27 8:58 a.m.39 views

New Apache Reverse Proxy Flaw Allows Access to Internal Network

New Apache Reverse Proxy Flaw Allows Access to Internal Network Apache acknowledged another reverse proxy issue CVE-2011-4317 which was discovered by Apache developer from Red Hat while creating a QualysGuard vulnerability signature for an older problem CVE-2011-3368. Depending on the reverse pro...

5CVSS8.3AI score0.90734EPSS
Exploits14
Rows per page
Query Builder