Lucene search
K

582 matches found

Cvelist
Cvelist
added 2026/04/30 6:17 p.m.39 views

CVE-2026-32148 Lockfile checksums not verified in Hex allows dependency integrity bypass

Insufficient Verification of Data Authenticity vulnerability in hexpm hex Hex.RemoteConverger module allows dependency integrity bypass via unverified lockfile checksums. Hex stores checksums for dependencies in the mix.lock file to ensure reproducible and integrity-checked builds. However,...

8.9CVSS0.00191EPSS
Exploits1References4
OSV
OSV
added 2026/04/30 6:17 p.m.8 views

EEF-CVE-2026-32148 Lockfile checksums not verified in Hex allows dependency integrity bypass

Summary Insufficient Verification of Data Authenticity vulnerability in hexpm hex Hex.RemoteConverger module allows dependency integrity bypass via unverified lockfile checksums. Hex stores checksums for dependencies in the mix.lock file to ensure reproducible and integrity-checked builds. Howeve...

8.9CVSS5.5AI score0.00191EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/04/30 12:0 a.m.10 views

PT-2026-36158

Name of the Vulnerable Software and Affected Versions hex versions 0.16.0 through 2.4.1 Description Insufficient Verification of Data Authenticity in the Hex.RemoteConverger module allows for a dependency integrity bypass. The Hex.RemoteConverger.verify resolved/2 function fails to execute checks...

8.9CVSS5.9AI score0.00191EPSS
Exploits1References9
Vulnrichment
Vulnrichment
added 2026/04/21 11:22 p.m.4 views

CVE-2026-41126 BigBlueButton has Open Redirect through bigbluebutton/api/join via get-parameter "logoutURL"

BigBlueButton is an open-source virtual classroom. Versions prior to 3.0.24 have an Open Redirect through bigbluebutton/api/join via get-parameter "logoutURL." Version 3.0.24 has adjusted the handling of requests with incorrect checksum so that the default logoutURL is used. No known workarounds...

4.3CVSS5.8AI score0.00231EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/21 12:0 a.m.9 views

PT-2026-34217

Name of the Vulnerable Software and Affected Versions BigBlueButton versions prior to 3.0.24 Description An open redirect exists in the 'bigbluebutton/api/join' endpoint through the logoutURL parameter. This occurs when requests with incorrect checksums are handled improperly, allowing a redirect...

4.3CVSS5.3AI score0.00231EPSS
Exploits0References5
CNVD
CNVD
added 2026/03/09 12:0 a.m.2 views

Microsoft Devices Pricing Program Code Issue Vulnerability

The Microsoft Devices Pricing Program is Microsoft's exclusive device purchasing and pricing mechanism for enterprise customers, partners, or select channels to enjoy customized pricing, terms of business, and support for volume purchases of Surface Series devices such as Surface Laptop, Surface...

9.8CVSS6.1AI score0.01596EPSS
Exploits0References1
OSV
OSV
added 2026/02/04 2:43 p.m.6 views

CLSA-2026-1770216227 nodejs: Fix of CVE-2023-38552

CVE-2023-38552: prevent application from intercepting integrity check operation and returning forged checksum...

7.5CVSS5.8AI score0.01107EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/31 12:0 a.m.4 views

EulerOS Virtualization 2.10.0 : rsync (EulerOS-SA-2026-1196)

According to the versions of the rsync package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in rsync. When using the --safe-links option, the rsync client fails to properly verify if a symbolic link destinati...

7.5CVSS5.9AI score0.04575EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/01/09 12:15 p.m.10 views

CVE-2018-1000891

Bitcoin SV before 0.1.1 allows uncontrolled resource consumption when receiving messages with invalid checksums...

7.5CVSS7AI score0.01031EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2025/12/24 1:16 p.m.3 views

CVE-2023-54080

In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: skip splitting and logical rewriting on pre-alloc write When doing a relocation, there is a chance that at the time of btrfsrelocclonecsums, there is no checksum for the corresponding region. In this case,...

5.7AI score0.0018EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/12/18 12:0 a.m.4 views

EulerOS Virtualization 2.13.1 : krb5 (EulerOS-SA-2025-2547)

According to the versions of the krb5 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesse...

5.9CVSS6.8AI score0.00276EPSS
Exploits0References2
OSV
OSV
added 2025/11/25 10:50 p.m.6 views

JLSEC-2025-325 A flaw was found in rsync

A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare wi...

6.8CVSS6.2AI score0.01761EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-7410

Malware in sbrugna...

9.8CVSS9.2AI score0.01001EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-12172

Malware in sbrugna...

5.3CVSS5.1AI score0.00409EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-19803

Malware in sbrugna...

4.3CVSS4.9AI score0.00283EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2002-0695

Malware in sbrugna...

7.5CVSS6.4AI score0.01427EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-8121

Malware in sbrugna...

6.5CVSS6.4AI score0.00956EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2010-4768

Malware in sbrugna...

10CVSS6.1AI score0.02029EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-52222

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00171EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-22706

Malicious code in bioql PyPI...

7.1CVSS6.6AI score0.00301EPSS
Exploits2References2
Rows per page
Query Builder