CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

OSV•added 2026/01/22 3:15 a.m.•2 views

DEBIAN-CVE-2026-23992

go-tuf is a Go implementation of The Update Framework TUF. Starting in version 2.0.0 and prior to version 2.3.1, a compromised or misconfigured TUF repository can have the configured value of signature thresholds set to 0, which effectively disables signature verification. This can lead to...

7.5CVSS8.4AI score0.00196EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•18 views

EUVD-2021-2359

Malware in sbrugna...

9.8CVSS9.3AI score0.01022EPSS

Exploits1References6

EUVD•added 2025/10/03 8:7 p.m.•8 views

EUVD-2022-5873

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.01022EPSS

Exploits1References7

OSV•added 2022/05/06 12:15 a.m.•1 views

UBUNTU-CVE-2022-24884

ecdsautils is a tiny collection of programs used for ECDSA keygen, sign, verify. ecdsaverifypreparelegacy does not check whether the signature values r and s are non-zero. A signature consisting only of zeroes is always considered valid, making it trivial to forge signatures. Requiring multiple...

10CVSS7.2AI score0.01038EPSS

Exploits0References7

Positive Technologies•added 2022/05/05 12:0 a.m.•1 views

PT-2022-3495 · Unknown +2 · Ecdsautils +2

Name of the Vulnerable Software and Affected Versions: ecdsautils versions prior to 0.4.1 Description: The issue is related to the ecdsa verify prepare legacy function, which does not check whether the signature values r and s are non-zero. This allows for trivial signature forgery, as a signatur...

10CVSS8.5AI score0.01038EPSS

Exploits0References30

GithubExploit•added 2022/04/20 8:31 p.m.•54 views

Exploit for CVE-2022-21449

CVE-2022-21449-TLS-PoC CVE-2022-21449 also dubbed Psychic Si...

7.5CVSS6.9AI score0.46677EPSS

Exploits6

CNVD•added 2021/11/11 12:0 a.m.•6 views

Stark Bank Data Forgery Problem Vulnerability (CNVD-2021-95641)

Stark Bank is a banking API for individual developers in Brazil. performs all banking operations through the API, simplifying and automating payments, facilitating reconciliations and scaling operations. A data forgery issue vulnerability exists in Stark Bank Ecdsa-java, which stems from a failur...

9.8CVSS6.7AI score0.00994EPSS

Exploits1References1

OSV•added 2021/11/10 8:41 p.m.•15 views

GHSA-92VM-MXJF-JQF3 Improper Verification of Cryptographic Signature in starkbank-ecdsa

The verify function in the Stark Bank Python ECDSA library starkbank-ecdsa 2.0.0 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages...

9.8CVSS9.4AI score0.01198EPSS

Exploits1References6

NVD•added 2021/11/09 10:15 p.m.•17 views

CVE-2021-43570

The verify function in the Stark Bank Java ECDSA library ecdsa-java 1.0.0 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages...

9.8CVSS0.00994EPSS

Exploits1References2

PyPA•added 2021/11/09 10:15 p.m.•7 views

PYSEC-2021-426

The verify function in the Stark Bank Python ECDSA library ecdsa-python 2.0.0 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages...

9.8CVSS7.1AI score0.01198EPSS

Exploits1References3Affected Software1

CNNVD•added 2021/11/09 12:0 a.m.•4 views

Stark Bank 数据伪造问题漏洞

Stark Bank is a banking API for individual developers in Brazil.Perform all banking operations through an API that simplifies and automates payments, facilitates reconciliations, and scales operations. Stark Bank ecdsa-elixir suffers from a Data Forgery Issue vulnerability that stems from the...

9.8CVSS5.9AI score0.01022EPSS

Exploits1References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by