Affected Products

Vendor / product matrix with CVE counts sourced from the CPE catalog.

Export CSV

Products

1 vendor
VendorProductsCVEsKEVAvg EPSSWorst Severity
ascertia
18029.4%CRITICAL

Related CVEs

8
CVE IDDescriptionSeverityCVSSKEVEPSSPublished
CVE-2025-61166An open redirect in Ascertia SigningHub User v10.0 allows attackers to redirect users to a malicious site via a crafted URL.MEDIUM6.17.2%Apr 6, 2026
CVE-2025-54321In Ascertia SigningHub through 8.6.8, there is a lack of rate limiting on the reset password function, leading to an email bombing vulnerability. An authenticated attacker can exploit this by automating reset password requests.CRITICAL9.832.7%Nov 18, 2025
CVE-2025-54320In Ascertia SigningHub through 8.6.8, there is a lack of rate limiting on the invite user function, leading to an email bombing vulnerability. An authenticated attacker can exploit this by automating invite requests.MEDIUM4.320.4%Nov 18, 2025
CVE-2025-56224A lack of rate limiting in the One-Time Password (OTP) verification endpoint of SigningHub v8.6.8 allows attackers to bypass verification via a bruteforce attack.HIGH8.136.8%Oct 20, 2025
CVE-2025-56223A lack of rate limiting in the component /Home/UploadStreamDocument of SigningHub v8.6.8 allows attackers to cause a Denial of Service (DoS) via uploading an excessive number of files.HIGH7.541.2%Oct 20, 2025
CVE-2025-56219Incorrect access control in SigningHub v8.6.8 allows attackers to arbitrarily add user accounts without any rate limiting. This can lead to a resource exhaustion and a Denial of Service (DoS) when an excessively large number of user accounts are created.HIGH7.129.1%Oct 20, 2025
CVE-2025-56221A lack of rate limiting in the login mechanism of SigningHub v8.6.8 allows attackers to bypass authentication via a brute force attack.CRITICAL9.842.8%Oct 17, 2025
CVE-2025-56218An arbitrary file upload vulnerability in SigningHub v8.6.8 allows attackers to execute arbitrary code via uploading a crafted PDF file.CRITICAL9.847.2%Oct 17, 2025