Lucene search
+L

7 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-6214

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.01389EPSS
Exploits0References7
osv
osv
added 2022/09/16 7:15 p.m.5 views

CVE-2022-3214

Delta Industrial Automation's DIAEnergy, an industrial energy management system, is vulnerable to CWE-798, Use of Hard-coded Credentials. Versions prior to 1.9.03.009 have this vulnerability. Executable files could be uploaded to certain directories using hard-coded bearer authorization, allowing...

9.8CVSS6AI score0.01488EPSS
Exploits0References1
attackerkb
attackerkb
added 2022/09/16 7:15 p.m.2 views

CVE-2022-3214

Delta Industrial Automation's DIAEnergy, an industrial energy management system, is vulnerable to CWE-798, Use of Hard-coded Credentials. Versions prior to 1.9.03.009 have this vulnerability. Executable files could be uploaded to certain directories using hard-coded bearer authorization, allowing...

9.8CVSS7.2AI score0.01488EPSS
Exploits0References2
nvd
nvd
added 2022/07/14 7:15 p.m.39 views

CVE-2022-31142

@fastify/bearer-auth is a Fastify plugin to require bearer Authorization headers. @fastify/bearer-auth prior to versions 7.0.2 and 8.0.1 does not securely use crypto.timingSafeEqual. A malicious attacker could estimate the length of one valid bearer token. According to the corresponding RFC 6750,...

7.5CVSS0.01389EPSS
Exploits0References5
prion
prion
added 2022/07/14 7:15 p.m.17 views

Authorization

@fastify/bearer-auth is a Fastify plugin to require bearer Authorization headers. @fastify/bearer-auth prior to versions 7.0.2 and 8.0.1 does not securely use crypto.timingSafeEqual. A malicious attacker could estimate the length of one valid bearer token. According to the corresponding RFC 6750,...

5CVSS7.5AI score0.01389EPSS
Exploits0References5Affected Software1
vulnrichment
vulnrichment
added 2022/07/14 6:55 p.m.6 views

CVE-2022-31142 Potential Timing Attack Vector in @fastify/bearer-auth

@fastify/bearer-auth is a Fastify plugin to require bearer Authorization headers. @fastify/bearer-auth prior to versions 7.0.2 and 8.0.1 does not securely use crypto.timingSafeEqual. A malicious attacker could estimate the length of one valid bearer token. According to the corresponding RFC 6750,...

7.5CVSS6.7AI score0.01389EPSS
Exploits0References5
osv
osv
added 2022/07/14 6:55 p.m.28 views

CVE-2022-31142 Potential Timing Attack Vector in @fastify/bearer-auth

@fastify/bearer-auth is a Fastify plugin to require bearer Authorization headers. @fastify/bearer-auth prior to versions 7.0.2 and 8.0.1 does not securely use crypto.timingSafeEqual. A malicious attacker could estimate the length of one valid bearer token. According to the corresponding RFC 6750,...

7.5CVSS7.4AI score0.01389EPSS
Exploits0References7
Rows per page
Query Builder