Why is Microsoft republishing a CVE from 2013? We are republishing CVE-2013-3900 in the Security Update Guide to update the Security Updates table and to inform customers that the EnableCertPaddingChe...

Yubico ykneo-openpgp before 1.0.10 has a typo in which an invalid PIN can be used. When first powered up, a signature will be issued even though the PIN has not been validated.

Matrix Synapse before 0.33.3.1 allows remote attackers to spoof events and possibly have unspecified other impacts by leveraging improper transaction and event signature validation.

Application Protections Bypass vulnerability in Microsoft Windows in McAfee Data Loss Prevention (DLP) Endpoint before 10.0.500 and DLP Endpoint before 11.0.400 allows authenticated users to bypass th...

Rob Richards XmlSecLibs, all versions prior to v3.0.3, as used for example by SimpleSAMLphp, performed incorrect validation of cryptographic signatures in XML messages, allowing an authenticated attac...

The Bluetooth Low Energy Secure Manager Protocol (SMP) implementation in Texas Instruments SimpleLink SIMPLELINK-CC2640R2-SDK through 2.2.3 allows the Diffie-Hellman check during the Secure Connection...