Lucene search
K

124 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-3057

Malicious code in bioql PyPI...

7.5CVSS6.9AI score0.00193EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-47363

Malicious code in bioql PyPI...

5.5CVSS5.8AI score0.00071EPSS
Exploits0References1
Exploit DB
Exploit DB
added 2025/08/11 12:0 a.m.496 views

Microsoft Windows - Storage QoS Filter Driver Checker

Titles: Microsoft Windows - Storage QoS Filter Driver Checker Author: nu11secur1ty Date: 08/04/2025 Vendor: Microsoft Software: https://www.microsoft.com/en-us/software-download/windows11 Reference: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49730 Description This PowerShell...

7.8CVSS7.4AI score0.00586EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2025/05/22 10:8 p.m.6 views

CVE-2022-39237

syslabs/sif is the Singularity Image Format SIF reference implementation. In versions prior to 2.8.1the github.com/sylabs/sif/v2/pkg/integrity package did not verify that the hash algorithms used are cryptographically secure when verifying digital signatures. A patch is available in version =...

9.8CVSS6.7AI score0.00477EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:24 a.m.11 views

CVE-2019-12162

Upwork Time Tracker 5.2.2.716 doesn't verify the SHA256 hash of the downloaded program update before running it, which could lead to code execution or local privilege escalation by replacing the original update.exe...

7.8CVSS7.6AI score0.00259EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2025/05/19 3:48 p.m.113 views

RVTools Official Site Hacked to Deliver Bumblebee Malware via Trojanized Installer

The official site for RVTools has been hacked to serve a compromised installer for the popular VMware environment reporting utility. "Robware.net and RVTools.com are currently offline. We are working expeditiously to restore service and appreciate your patience," the company said in a statement...

7.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/06 1:59 a.m.13 views

CVE-2022-25652

Cryptographic issues in BSP due to improper hash verification in Snapdragon Wired Infrastructure and Networking...

9CVSS7.1AI score0.00104EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.2 views

PT-2025-47801

Name of the Vulnerable Software and Affected Versions GnuTLS versions 15.0 and -current GnuTLS versions prior to Fedora 43 Description A stack overflow issue exists in GnuTLS. The issue is related to a flaw that could potentially allow for malicious exploitation. Recommendations Update GnuTLS to...

7.2CVSS6.6AI score0.00203EPSS
Exploits0References116
Positive Technologies
Positive Technologies
added 2024/10/29 12:0 a.m.4 views

PT-2024-34329 · Litespeed · Litespeed Cache

Name of the Vulnerable Software and Affected Versions: LiteSpeed Cache versions through 6.5.1 Description: The issue is related to an Incorrect Privilege Assignment vulnerability in LiteSpeed Cache, allowing Privilege Escalation. This vulnerability enables an attacker to gain administrative...

9.8CVSS7.6AI score0.00913EPSS
Exploits0References42
Veracode
Veracode
added 2024/10/22 9:33 a.m.11 views

Improper Verification Of Cryptographic Signature

elliptic is vulnerable to Improper Verification of Cryptographic Signature. The vulnerability is due to improper handling of the truncateToN function, which fails to correctly verify signatures when the hash contains at least four leading zero bytes and the elliptic curve's base point order is...

4.8CVSS6.5AI score0.00556EPSS
Exploits1References4Affected Software2
OSV
OSV
added 2023/05/25 12:0 p.m.4 views

OSEC-2023-01 Time of check time of use issue in opam's cache

Bug description Opam uses since version 2.0.0 a download cache: if a source artifact is needed, first its hash is looked up in the local cache /.opam/download-cache//. Opam supports multiple hash algorithms, a cache lookup tries all hash algorithms present in the opam file. Before opam 2.1.5, the...

7.1CVSS5.5AI score
Exploits0References2
Gentoo Linux
Gentoo Linux
added 2022/10/31 12:0 a.m.34 views

Apptainer: Lack of Digital Signature Hash Verification

Background Apptainer is the container system for secure high-performance computing. Description The Go module "sif" version 2.8.0 and older, which is a statically linked dependency of Apptainer, does not verify that the hash algorithms used are cryptographically secure when verifying digital...

9.8CVSS1.3AI score0.00477EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/10/31 12:0 a.m.51 views

GLSA-202210-19 : Apptainer: Lack of Digital Signature Hash Verification

The remote host is affected by the vulnerability described in GLSA-202210-19 Apptainer: Lack of Digital Signature Hash Verification - syslabs/sif is the Singularity Image Format SIF reference implementation. In versions prior to 2.8.1the github.com/sylabs/sif/v2/pkg/integrity package did not veri...

9.8CVSS6.1AI score0.00477EPSS
Exploits0References3
OSV
OSV
added 2022/10/06 6:16 p.m.1 views

UBUNTU-CVE-2022-39237

syslabs/sif is the Singularity Image Format SIF reference implementation. In versions prior to 2.8.1the github.com/sylabs/sif/v2/pkg/integrity package did not verify that the hash algorithms used are cryptographically secure when verifying digital signatures. A patch is available in version =...

9.8CVSS6.4AI score0.00477EPSS
Exploits0References6
NVD
NVD
added 2022/09/16 6:15 a.m.26 views

CVE-2022-25652

Cryptographic issues in BSP due to improper hash verification in Snapdragon Wired Infrastructure and Networking...

9CVSS0.00104EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/09/16 6:15 a.m.2 views

CVE-2022-25652

Cryptographic issues in BSP due to improper hash verification in Snapdragon Wired Infrastructure and Networking...

9CVSS5.3AI score0.00104EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/09/16 5:25 a.m.34 views

CVE-2022-25652

Cryptographic issues in BSP due to improper hash verification in Snapdragon Wired Infrastructure and Networking...

9CVSS9.3AI score0.00104EPSS
Exploits0References1
Fedora
Fedora
added 2022/07/04 1:35 a.m.28 views

[SECURITY] Fedora 36 Update: terrier-0.0.2-6.fc36

Terrier is a Image and Container analysis tool that can be used to scan Images and Containers to identify and verify the presence of specific files according to their hashes...

9.3CVSS8.8AI score0.05994EPSS
Exploits4
BDU FSTEC
BDU FSTEC
added 2022/04/07 12:0 a.m.5 views

The vulnerability of microprogramming software in embedded Qualcomm Android operating systems, related to data type conversion errors, allows attackers to escalate their privileges.

The vulnerability of microprogramming software in embedded Qualcomm Android operating systems is related to errors in data type conversion during the verification of file hash segments. Exploiting this vulnerability can allow attackers to enhance their privileges using a specially created malicio...

7.8CVSS7.6AI score0.00157EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2022/03/07 12:0 a.m.6 views

PT-2022-2077 · Qualcomm · Snapdragon

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon versions affected versions not specified Description: The issue is related to errors in data type conversion during the verification of a file's hash segment, potentially allowing an attacker to elevate their privileges...

8.8CVSS8.7AI score0.00157EPSS
Exploits0References11
Rows per page
Query Builder