Osslsigncode Project / Osslsigncode

5 matches found

CVE
added 2023/07/03 12:0 a.m., 47 views

CVE-2023-36377

CVE-2023-36377 affects osslsigncode, a signing tool. A Buffer Overflow in osslsigncode v2.3 and earlier can allow local arbitrary code execution when signing crafted files (.exe/.sys/.dll). Multiple Debian LTS advisories document affected package osslsigncode and fixes via upgraded versions: Debi...

CVSS 7.8, AI score 7.6, EPSS 0.00289
CVE
added 2026/04/09 4:3 p.m., 15 views

CVE-2026-39856

osslsigncode (before 2.13) has an out-of-bounds read in PE page-hash calculation (pe_page_hash_calc) when processing PE sections. The code uses PointerToRawData and SizeOfRawData from section headers without ensuring the referenced region lies within the mapped file, allowing an attacker to craft...

CVSS 5.5, AI score 6, EPSS 0.00143
CVE
added 2026/03/25 12:0 a.m., 12 views

CVE-2025-70888

The CVE-2025-70888 issue affects osslsigncode in mtrojnar’s OSSLSIGNCODE up to version 2.10, with a remote-exploitation vector and a CRITICAL CVSS 9.8 rating. OpenSUSE advisories note fixes in osslsigncode 2.13 that address integer overflows in APPX data streams, double-free vulnerabilities in AP...

CVSS 9.8, AI score 5.8, EPSS 0.00482
CVE
added 2026/04/09 3:50 p.m., 11 views

CVE-2026-39853

osslsigncode contains a stack buffer overflow in its signature verification paths (PE, MSI, CAB, script) when verifying PKCS#7 signatures. During digest copy from SpcIndirectDataContent into a fixed-size stack buffer (mdbuf[EVP_MAX_MD_SIZE], 64 bytes), the code does not validate the source length...

CVSS 7.8, AI score 6.2, EPSS 0.00163
CVE
added 2026/04/09 3:58 p.m., 10 views

CVE-2026-39855

osslsigncode prior to 2.13 contains an integer underflow in the PE page-hash calculation (pe_page_hash_calc). If SizeOfHeaders (hdrsize) > SectionAlignment (pagesize), hdrsize is subtracted from pagesize without validation, producing a large unsigned length. The code allocates a zero-filled bu...

CVSS 5.5, AI score 6.1, EPSS 0.00143