
20 matches found

NVD
added 2026/04/24 8:16 p.m. | 4 views

CVE-2026-41244

Mojic is a CLI tool to transform readable C code into an unrecognizable chaotic stream of emojis. Prior to 2.1.4, the CipherEngine uses a standard equality operator !== to verify the HMAC-SHA256 integrity seal during the decryption phase. This creates an Observable Timing Discrepancy (CWE-208),...

CVSS 4.7 | EPSS 0.00015
Exploits: 0 | References: 1
Cvelist
added 2026/04/10 8:24 p.m. | 25 views

CVE-2026-40194 phpseclib has a variable-time HMAC comparison in SSH2::get_binary_packet() using != instead of hash_equals()

phpseclib is a PHP secure communications library. Starting in 0.1.1 and prior to 3.0.51, 2.0.53, and 1.0.28, phpseclib\Net\SSH2::get_binary_packet uses PHP's != operator to compare a received SSH packet HMAC against the locally computed HMAC. != on equal-length binary strings in PHP uses memcmp,...

CVSS 3.7 | EPSS 0.00014
Exploits: 0 | References: 5
Github Security Blog
added 2026/01/21 10:27 p.m. | 7 views

FastAPI Api Key has a timing side-channel in verify_key that allows statistical key validity detection

Impact: Timing side-channel vulnerability in verify_key. The method applied a random delay only on verification failures, allowing an attacker to statistically distinguish valid from invalid API keys by measuring response latencies. With enough repeated requests, an adversary could infer whether a...

CVSS 3.7 | AI score 5.6 | EPSS 0.00065
Exploits: 0 | References: 5 | Affected Software: 1
EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2018-2060

Malware in sbrugna...

CVSS 9.8 | AI score 9.5 | EPSS 0.00567
Exploits: 0 | References: 2
IBM Security Bulletins
added 2024/11/06 9:54 a.m. | 23 views

Security Bulletin: Multiple Vulnerabilities in Db2 affect IBM Cloud Pak Sytem

Summary: Vulnerabilities in Db2 affect IBM Cloud Pak Sytem. Vulnerability Details: CVEID: CVE-2024-31882 DESCRIPTION: IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.1 and 11.5 is vulnerable to a denial of service, under specific configurations, as the server may crash when using ...

CVSS 7.5 | AI score 7.7 | EPSS 0.00427
Exploits: 0 | Affected Software: 1
Tenable Nessus
added 2024/01/10 12:0 a.m. | 19 views

RHEL 9 : nss (RHSA-2024:0108)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0108 advisory. Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server...

CVSS 6.5 | AI score 7.3 | EPSS 0.00245
Exploits: 0 | References: 5
Openbugbounty
added 2021/10/21 12:29 p.m. | 8 views

All Vulnerabilities for wowtravel.me Patched via Open Bug Bounty

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: wowtravel.me | Open Bug Bounty...

AI score 7
Exploits: 0
Openbugbounty
added 2021/10/21 11:9 a.m. | 7 views

All Vulnerabilities for sub.edu.bd Patched via Open Bug Bounty

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: sub.edu.bd | Open Bug Bounty...

AI score 7
Exploits: 0
Openbugbounty
added 2021/10/18 10:55 a.m. | 6 views

pondiuni.edu.in Improper Access Control vulnerability OBB-2178041

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: pondiuni.edu.in | Open Bug Bounty...

AI score 7
Exploits: 0
Openbugbounty
added 2021/10/18 10:45 a.m. | 15 views

idcloudhost.com Improper Access Control vulnerability OBB-2177878

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: idcloudhost.com | Open Bug Bounty...

AI score 7
Exploits: 0
Openbugbounty
added 2021/10/18 10:37 a.m. | 15 views

All Vulnerabilities for html.com Patched via Open Bug Bounty

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: html.com | Open Bug Bounty...

AI score 7
Exploits: 0
Openbugbounty
added 2021/10/16 11:10 a.m. | 10 views

northcutt.com Improper Access Control vulnerability OBB-2172630

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: northcutt.com | Open Bug Bounty...

AI score 7
Exploits: 0
Openbugbounty
added 2021/10/16 11:9 a.m. | 15 views

All Vulnerabilities for ncsasports.org Patched via Open Bug Bounty

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: ncsasports.org | Open Bug Bounty...

AI score 7
Exploits: 0
Openbugbounty
added 2021/10/15 6:0 a.m. | 6 views

All Vulnerabilities for digitel.com.ve Patched via Open Bug Bounty

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: digitel.com.ve | Open Bug Bounty...

AI score 7
Exploits: 0
Openbugbounty
added 2021/10/15 3:23 a.m. | 20 views

All Vulnerabilities for channelstv.com Patched via Open Bug Bounty

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: channelstv.com | Open Bug Bounty...

AI score 7
Exploits: 0
Openbugbounty
added 2021/10/15 2:39 a.m. | 9 views

All Vulnerabilities for aua.am Patched via Open Bug Bounty

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: aua.am | Open Bug Bounty Program:...

AI score 7
Exploits: 0
Openbugbounty
added 2021/10/15 2:2 a.m. | 20 views

All Vulnerabilities for 10tv.in Patched via Open Bug Bounty

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: 10tv.in | Open Bug Bounty Program...

AI score 7
Exploits: 0
Talos
added 2020/03/09 12:0 a.m. | 73 views

WAGO PFC100/200 Web-Based Management (WBM) Authentication Timing Information Disclosure Vulnerability

Summary: An exploitable timing discrepancy vulnerability exists in the authentication functionality of the Web-Based Management (WBM) web application on WAGO PFC100/200 controllers. The WBM application makes use of the PHP crypt function which can be exploited to disclose hashed user credentials...

CVSS 7.5 | AI score 6.7 | EPSS 0.00386
Exploits: 1
Github Security Blog
added 2019/12/05 6:40 p.m. | 87 views

Low severity vulnerability that affects com.linecorp.armeria:armeria

Multiple timing attack vulnerabilities leading to the recovery of secrets based on the use of non-constant time compare function. Impact: String comparison method in multiple authentication validation in Armeria were known to be vulnerable to timing attacks. This vulnerability is caused by the...

CVSS 6.5 | AI score 1.9 | EPSS 0.00416
Exploits: 0 | References: 5 | Affected Software: 1
Prion
added 2018/12/20 9:29 p.m. | 11 views

Design/Logic Flaw

Vesta CP version Prior to commit f6f6f9cfbbf2979e301956d1c6ab5c44386822c0 -- any release prior to 0.9.8-18 contains a CWE-208 / Information Exposure Through Timing Discrepancy vulnerability in Password reset code -- web/reset/index.php, line 51 that can result in Possible to determine password...

CVSS 5 | AI score 9.5 | EPSS 0.00567
Exploits: 0 | References: 1 | Affected Software: 1