CVE-2026-39855
- EPSS 0.02%
- Veröffentlicht 09.04.2026 17:16:29
- Zuletzt bearbeitet 17.04.2026 20:00:55
osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.13, an integer underflow vulnerability exists in osslsigncode version 2.12 and earlier in the PE page-hash computation code (pe_page_hash_calc()). When page hash...
CVE-2026-39856
- EPSS 0.02%
- Veröffentlicht 09.04.2026 17:16:29
- Zuletzt bearbeitet 17.04.2026 19:59:36
osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.13, an out-of-bounds read vulnerability exists in osslsigncode version 2.12 and earlier in the PE page-hash computation code (pe_page_hash_calc()). When processi...
CVE-2026-39853
- EPSS 0.01%
- Veröffentlicht 09.04.2026 15:50:26
- Zuletzt bearbeitet 17.04.2026 20:03:45
osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.12, A stack buffer overflow vulnerability exists in osslsigncode in several signature verification paths. During verification of a PKCS#7 signature, the code cop...
CVE-2025-70888
- EPSS 0.12%
- Veröffentlicht 25.03.2026 00:00:00
- Zuletzt bearbeitet 02.04.2026 17:13:18
An issue in mtrojnar Osslsigncode affected at v2.10 and before allows a remote attacker to escalate privileges via the osslsigncode.c component
CVE-2023-36377
- EPSS 0.11%
- Veröffentlicht 03.07.2023 21:15:09
- Zuletzt bearbeitet 30.12.2025 08:15:42
Buffer Overflow vulnerability in mtrojnar osslsigncode v.2.3 and before allows a local attacker to execute arbitrary code via a crafted .exe, .sys, and .dll files.