Lucene search
K

27 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:55 a.m.7 views

CVE-2022-23334

The Robot application in Ip-label Newtest before v8.5R0 was discovered to use weak signature checks on executed binaries, allowing attackers to have write access and escalate privileges via replacing NEWTESTREMOTEMANAGER.EXE...

9.8CVSS7.5AI score0.00413EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:30 a.m.8 views

CVE-2019-16753

An issue was discovered in Decentralized Anonymous Payment System DAPS through 2019-08-26. The content to be signed is composed of a representation of strings, rather than being composed of their binary representations. This is a weak signature scheme design that would allow the reuse of signatur...

7.5CVSS6.8AI score0.00744EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-7290

Malware in sbrugna...

7.5CVSS7.5AI score0.00744EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-28414

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00413EPSS
Exploits0References3
Packet Storm News
Packet Storm News
added 2025/06/24 12:0 a.m.5 views

Quest KACE Systems Management Appliance 14.1 Unauthenticated Backup Upload

Seralys Security Advisory - Quest KACE SMA allows unauthenticated users to upload backup files to the system. While signature validation is implemented, weaknesses in the validation process can be exploited to upload malicious backup content that could compromise system integrity. Version 14.1 is...

9.6CVSS7.2AI score0.00408EPSS
Exploits0
OSV
OSV
added 2023/06/20 5:15 a.m.6 views

CVE-2023-3325

The CMS Commander plugin for WordPress is vulnerable to authorization bypass due to the use of an insufficiently unique cryptographic signature on the 'cmscaddsite' function in versions up to, and including, 2.287. This makes it possible for unauthenticated attackers to the plugin to change the...

9.8CVSS5.9AI score0.00553EPSS
Exploits0References3
OSV
OSV
added 2023/05/31 3:15 a.m.8 views

CVE-2023-2987

The Wordapp plugin for WordPress is vulnerable to authorization bypass due to an use of insufficiently unique cryptographic signature on the 'wapdxopconfigset' function in versions up to, and including, 1.5.0. This makes it possible for unauthenticated attackers to the plugin to change the...

9.8CVSS5.8AI score0.00526EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/05/31 12:0 a.m.5 views

PT-2023-22457 · WordPress · Wordapp

Name of the Vulnerable Software and Affected Versions: Wordapp plugin for WordPress versions up to, and including, 1.5.0 Description: The issue is related to an authorization bypass due to the use of an insufficiently unique cryptographic signature on the wa pdx op config set function. This allow...

9.8CVSS9.4AI score0.00526EPSS
Exploits0References6
OSV
OSV
added 2023/01/30 4:15 p.m.5 views

CVE-2022-23334

The Robot application in Ip-label Newtest before v8.5R0 was discovered to use weak signature checks on executed binaries, allowing attackers to have write access and escalate privileges via replacing NEWTESTREMOTEMANAGER.EXE...

9.8CVSS5.8AI score0.00413EPSS
Exploits0References3
NVD
NVD
added 2023/01/30 4:15 p.m.19 views

CVE-2022-23334

The Robot application in Ip-label Newtest before v8.5R0 was discovered to use weak signature checks on executed binaries, allowing attackers to have write access and escalate privileges via replacing NEWTESTREMOTEMANAGER.EXE...

9.8CVSS9.7AI score0.00413EPSS
Exploits0References1
Prion
Prion
added 2023/01/30 4:15 p.m.15 views

Design/Logic Flaw

The Robot application in Ip-label Newtest before v8.5R0 was discovered to use weak signature checks on executed binaries, allowing attackers to have write access and escalate privileges via replacing NEWTESTREMOTEMANAGER.EXE...

7.5CVSS9.6AI score0.00413EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/01/30 12:0 a.m.7 views

CVE-2022-23334

The Robot application in Ip-label Newtest before v8.5R0 was discovered to use weak signature checks on executed binaries, allowing attackers to have write access and escalate privileges via replacing NEWTESTREMOTEMANAGER.EXE...

9.9AI score0.00413EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/01/30 12:0 a.m.5 views

PT-2023-12716 · Ip Label · Ip-Label Newtest

Name of the Vulnerable Software and Affected Versions: Ip-label Newtest versions prior to 8.5R0 Description: The Robot application in Ip-label Newtest was discovered to use weak signature checks on executed binaries. This allows attackers to have write access and escalate privileges via replacing...

9.8CVSS9.6AI score0.00413EPSS
Exploits0References6
CVE
CVE
added 2023/01/30 12:0 a.m.45 views

CVE-2022-23334

The CVE-2022-23334 vulnerability affects Ip-label Newtest’s Robot application prior to version 8.5R0. The issue is weak signature checks on binaries before execution, enabling an attacker to gain write access and escalate privileges by replacing NEWTESTREMOTEMANAGER.EXE. Affected software is Ip-l...

9.8CVSS9.6AI score0.00413EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/01/30 12:0 a.m.31 views

CVE-2022-23334

The Robot application in Ip-label Newtest before v8.5R0 was discovered to use weak signature checks on executed binaries, allowing attackers to have write access and escalate privileges via replacing NEWTESTREMOTEMANAGER.EXE...

9.9AI score0.00413EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/01/23 12:0 a.m.4 views

ONLYOFFICE 授权问题漏洞

Ascensio System ONLYOFFICE is an office software from Ascensio System, Latvia. A security vulnerability exists in all versions of ONLYOFFICE prior to 2021-11-08, which stems from being affected by incorrect access control. Due to a weak default URL signature key, it is possible to forge a signed...

7.5CVSS7.3AI score0.012EPSS
Exploits0References4
OSV
OSV
added 2020/01/23 4:57 p.m.5 views

USN-4233-2 gnutls28 update

USN-4233-1 disabled SHA1 being used for digital signature operations in GnuTLS. In certain network environments, certificates using SHA1 may still be in use. This update adds the %VERIFYALLOWBROKEN and %VERIFYALLOWSIGNWITHSHA1 priority strings that can be used to temporarily re-enable SHA1 until...

5.8AI score
Exploits0References2
NVD
NVD
added 2019/12/04 8:15 p.m.12 views

CVE-2019-16753

An issue was discovered in Decentralized Anonymous Payment System DAPS through 2019-08-26. The content to be signed is composed of a representation of strings, rather than being composed of their binary representations. This is a weak signature scheme design that would allow the reuse of signatur...

7.5CVSS7.5AI score0.00744EPSS
Exploits1References1
OSV
OSV
added 2019/12/04 8:15 p.m.13 views

CVE-2019-16753

An issue was discovered in Decentralized Anonymous Payment System DAPS through 2019-08-26. The content to be signed is composed of a representation of strings, rather than being composed of their binary representations. This is a weak signature scheme design that would allow the reuse of signatur...

7.5CVSS6.7AI score
Exploits0References1
CVE
CVE
added 2019/12/04 7:28 p.m.41 views

CVE-2019-16753

CVE-2019-16753 concerns the Decentralized Anonymous Payment System (DAPS) and affects Private Instant Verified Transactions (PIVX) up to 3.4.0. The root cause is that the data to be signed is formed as a representation of strings rather than their binary representations, creating a weak signature...

7.5CVSS7.4AI score0.00744EPSS
Exploits1References1Affected Software2
Rows per page
Query Builder