929 matches found
CVE-2013-10006 Ziftr primecoin bitcoinrpc.cpp HTTPAuthorized timing discrepancy
A vulnerability classified as problematic was found in Ziftr primecoin up to 0.8.4rc1. Affected by this vulnerability is the function HTTPAuthorized of the file src/bitcoinrpc.cpp. The manipulation of the argument strUserPass/strRPCUserColonPass leads to observable timing discrepancy. The...
PT-2023-9995 · Ziftr · Ziftr Primecoin
Name of the Vulnerable Software and Affected Versions: Ziftr primecoin versions up to 0.8.4rc1 Description: A vulnerability was found in the function HTTPAuthorized of the file src/bitcoinrpc.cpp. The manipulation of the argument strUserPass/strRPCUserColonPass leads to observable timing...
CVE-2021-4294
A vulnerability was found in OpenShift OSIN. This issue affects the ClientSecretMatches/CheckClientSecret function, where the manipulation of the argument secret leads to an observable timing discrepancy...
CVE-2022-4823
A vulnerability, which was classified as problematic, was found in InSTEDD Nuntium. Affected is an unknown function of the file app/controllers/geopoll_controller.rb. The manipulation of the argument signature leads to observable timing discrepancy. It is possible to launch the attack remotely. Th...
CVE-2022-4823 InSTEDD Nuntium geopoll_controller.rb timing discrepancy
A vulnerability, which was classified as problematic, was found in InSTEDD Nuntium. Affected is an unknown function of the file app/controllers/geopoll_controller.rb. The manipulation of the argument signature leads to observable timing discrepancy. It is possible to launch the attack remotely. Th...
CVE-2022-4823
The CVE-2022-4823 entry concerns InSTEDD Nuntium, affecting an unknown function in the file app/controllers/geopoll_controller.rb. The issue arises from manipulation of the signature argument, which leads to observable timing discrepancy and could be exploited remotely. A patch named 77236f7fd71a...
GHSA-M7QP-CJ9P-GJ85 OpenShift OSIN vulnerable to Observable Timing Discrepancy
A vulnerability was found in OpenShift OSIN. It has been classified as problematic. This affects the function ClientSecretMatches/CheckClientSecret. The manipulation of the argument secret leads to observable timing discrepancy. The name of the patch is 8612686d6dda34ae9ef6b5a974e4b7accb4fea29. I...
OpenShift OSIN vulnerable to Observable Timing Discrepancy
A vulnerability was found in OpenShift OSIN. It has been classified as problematic. This affects the function ClientSecretMatches/CheckClientSecret. The manipulation of the argument secret leads to observable timing discrepancy. The name of the patch is 8612686d6dda34ae9ef6b5a974e4b7accb4fea29. I...
CVE-2021-4294
A vulnerability was found in OpenShift OSIN. It has been classified as problematic. This affects the function ClientSecretMatches/CheckClientSecret. The manipulation of the argument secret leads to observable timing discrepancy. The name of the patch is 8612686d6dda34ae9ef6b5a974e4b7accb4fea29. I...
Design/Logic Flaw
A vulnerability was found in OpenShift OSIN. It has been classified as problematic. This affects the function ClientSecretMatches/CheckClientSecret. The manipulation of the argument secret leads to observable timing discrepancy. The name of the patch is 8612686d6dda34ae9ef6b5a974e4b7accb4fea29. I...
CVE-2021-4294
CVE-2021-4294 affects OpenShift OSIN, specifically the ClientSecretMatches/CheckClientSecret path, where manipulating the secret argument produces observable timing discrepancy. Connected sources confirm this vulnerability and link to the patch 8612686d6dda34ae9ef6b5a974e4b7accb4fea29, indicating...
CVE-2021-4294 OpenShift OSIN CheckClientSecret timing discrepancy
A vulnerability was found in OpenShift OSIN. It has been classified as problematic. This affects the function ClientSecretMatches/CheckClientSecret. The manipulation of the argument secret leads to observable timing discrepancy. The name of the patch is 8612686d6dda34ae9ef6b5a974e4b7accb4fea29. I...
PYSEC-2022-43014
A vulnerability, which was classified as problematic, has been found in cocagne pysrp up to 1.0.16. This issue affects the function calculate_x of the file srp/_ctsrp.py. The manipulation leads to information exposure through discrepancy. Upgrading to version 1.0.17 is able to address this issue. T...
CVE-2021-4286
A vulnerability, which was classified as problematic, has been found in cocagne pysrp up to 1.0.16. This issue affects the function calculate_x of the file srp/_ctsrp.py. The manipulation leads to information exposure through discrepancy. Upgrading to version 1.0.17 is able to address this issue. T...
CVE-2021-4286
CVE-2021-4286 affects cocagne pysrp up to 1.0.16. The issue targets the function calculate_x in srp/_ctsrp.py, causing information exposure through discrepancy. A fix is available in pysrp 1.0.17 with patch dba52642f5e95d3da7af1780561213ee6053195f, per VDB-216875; upgrading is advised.
pysrp security vulnerability
pysrp is a Python implementation of the Secure Remote Cryptography Protocol SRP by the individual developer Tom Cocagne. A security vulnerability exists in pysrp versions prior to 1.0.16, which stems from the function calculate_x in the file srp/_ctsrp.py, which is manipulated to result in a messag...
Siemens SCALANCE X-200RNA Switch Devices
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Siemens Equipment: SCALANCE X-200RNA switch devices before V3.2.7 Vulnerabilities: Observable Timing Discrepancy; Race Condition; Improper Restriction of Operations within...