Browse and filter security vulnerabilities across ecosystems
Browse and filter security vulnerabilities across ecosystems
OP-TEE vulnerable to ECDH private key recovery
Signed cookie salt namespace collision in django.http.HttpRequest.get_signed_cookie
PyJWT: Algorithm allow-list bypass when decoding with `PyJWK` / `PyJWKClient` keys
PyJWT: Public-key JWK accepted as HMAC secret enables forged HS256 tokens when mixed families are allowed
Keycloak: keycloak: security policy bypass in jwe-encrypted request object processing
OpenLearnX: Critical Authentication Bypass via JWT Signature Verification Disabled Leading to Account Takeover
Insufficient Verification of Data Authenticity
epa4all-client: Improper Verification of Cryptographic Signature
bitcoinj: ScriptExecution P2PKH/P2WPKH Verification Bypass
gitsign verify accepts signatures over go-git-normalized bytes, enabling trust confusion on malformed commits
LibJWT: Algorithm confusion allows JWT forgery with RSA JWK as empty-key HMAC
Improper verification of cryptographic signature in the Radeon RGB tool could allow a malicious file placed in the installation directory to be run...
azureauthextension Authenticate method does not validate bearer tokens, allowing auth bypass via replay
PAN-OS: Authentication Bypass with Cloud Authentication Service (CAS) enabled
Azure SDK for Java Security Feature Bypass Vulnerability
Zen Browser MAR updater ships with signature verification removed — unsigned updates accepted
Plunk: SNS webhook forgery
ZEBRA: Consensus Divergence in Transparent Sighash Hash-Type Handling due to Stale Buffer
Admidio: SAML Signature Validation Result Ignored — Forged AuthnRequests and LogoutRequests Processed
Dolibarr ERP CRM Online Signature security.lib.php dol_verifyHash signature verification
Showing 1 - 20 of 1,000+ results