Skip to main content

Signserver

4 CVEs product

Monthly

CVE-2025-47222 MEDIUM This Month

A class name enumeration was found in Keyfactor SignServer versions prior to 7.3.2. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Signserver
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-47221 MEDIUM This Month

An arbitrary file write was found in Keyfactor SignServer versions prior to 7.3.2. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Signserver
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-47220 MEDIUM This Month

A local file enumeration was found in Keyfactor SignServer versions prior to 7.3.2 .The property VISIBLE_SIGNATURE_CUSTOM_IMAGE_PATH, which exists in the PDFSigner and the PAdESSigner, can be set to. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Signserver
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2022-26494 MEDIUM This Month

An XSS was identified in the Admin Web interface of PrimeKey SignServer before 5.8.1. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Signserver
NVD
CVSS 3.1
4.8
EPSS
0.6%
EPSS 0% CVSS 6.5
MEDIUM This Month

A class name enumeration was found in Keyfactor SignServer versions prior to 7.3.2. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Signserver
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

An arbitrary file write was found in Keyfactor SignServer versions prior to 7.3.2. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Signserver
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

A local file enumeration was found in Keyfactor SignServer versions prior to 7.3.2 .The property VISIBLE_SIGNATURE_CUSTOM_IMAGE_PATH, which exists in the PDFSigner and the PAdESSigner, can be set to. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Signserver
NVD
EPSS 1% CVSS 4.8
MEDIUM This Month

An XSS was identified in the Admin Web interface of PrimeKey SignServer before 5.8.1. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Signserver
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy