Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

Tenable Nessus
Tenable Nessusadded 2025/08/27 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2019-18848

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The json-jwt gem before 1.11.0 for Ruby lacks an element count during the splitting of a JWE string. CVE-2019-18848 Note that Nessus relies on the presence of t...

7.5CVSS7.2AI score0.01257EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2025/01/08 12:0 a.m.14 views

openSUSE 15 Security Update : rubygem-json-jwt (openSUSE-SU-2025:0004-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025:0004-1 advisory. - New upstream release 1.16.6, see bundled CHANGELOG.md - Remove padding oracle by @btoews in https://github.com/nov/json-jwt/pull/109 - Fixes...

8.4CVSS6.9AI score0.01257EPSS
Exploits1References7
OpenVAS
OpenVASadded 2025/01/08 12:0 a.m.13 views

openSUSE Security Advisory (openSUSE-SU-2025:0004-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.4CVSS7.2AI score0.01257EPSS
Exploits1References5
OSV
OSVadded 2025/01/07 5:1 p.m.12 views

OPENSUSE-SU-2025:0004-1 Security update for rubygem-json-jwt

This update for rubygem-json-jwt fixes the following issues: - New upstream release 1.16.6, see bundled CHANGELOG.md - Remove padding oracle by @btoews in https://github.com/nov/json-jwt/pull/109 - Fixes CVE-2023-51774 boo1220727 - updated to version 1.11.0 - no changelog found - Fixes...

8.4CVSS6.9AI score0.01257EPSS
Exploits1References5
Circl
Circladded 2024/02/13 9:56 a.m.4 views

CVE-2019-18848

creationtimestamp| type| source ---|---|--- 2024-02-13 09:56:58+00:00| seen| https://t.me/ctinow/183690...

7.5CVSS7.3AI score0.01257EPSS
Exploits0References1
Debian
Debianadded 2020/10/01 12:22 p.m.24 views

[SECURITY] [DLA 2390-1] ruby-json-jwt security update

----------------------------------------------------------------------- Debian LTS Advisory DLA-2390-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta October 01, 2020 https://wiki.debian.org/LTS -...

7.5CVSS7.4AI score0.01257EPSS
Exploits0
Circl
Circladded 2020/04/20 9:59 p.m.6 views

CVE-2017-18848

creationtimestamp| type| source ---|---|--- 2020-04-20 21:59:18+00:00| seen| https://t.me/cibsecurity/11407...

8.8CVSS8.1AI score0.0046EPSS
Exploits0References1
CVE
CVEadded 2020/04/20 3:24 p.m.43 views

CVE-2017-18848

CVE-2017-18848 describes a cross-site request forgery (CSRF) vulnerability in NETGEAR consumer routers. Affected models and minimum versions are: R6300v2 before 1.0.0.36, AC1450 before 1.0.0.36, R7300 before 1.0.0.54, and R8500 before 1.0.2.94. The issue arises from CSRF in the device’s web appli...

8.8CVSS8.6AI score0.0046EPSS
Exploits0References1Affected Software1
CVE
CVEadded 2019/11/12 2:23 p.m.106 views

CVE-2019-18848

CVE-2019-18848 affects the rubygem-json-jwt library for Ruby, where versions prior to 1.11.0 fail to enforce an element count when splitting a JWE string. This is documented across multiple advisories (Debian DLA-2390-1, openSUSE/SUSE advisories) indicating the issue and references to upgrading t...

7.5CVSS7.3AI score0.01257EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVEadded 2019/11/12 2:23 p.m.20 views

CVE-2019-18848

The json-jwt gem before 1.11.0 for Ruby lacks an element count during the splitting of a JWE string...

7.5CVSS7.5AI score0.01257EPSS
Exploits0
Rows per page
Query Builder