Lucene search
K

129 matches found

The Hacker News
The Hacker News
added 2025/11/27 2:59 p.m.3 views

Webinar: Learn to Spot Risks and Patch Safely with Community-Maintained Tools

If you're using community tools like Chocolatey or Winget to keep systems updated, you're not alone. These platforms are fast, flexible, and easy to work with—making them favorites for IT teams. But there's a catch... The very tools that make your job easier might also be the reason your systems...

7.1AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2019-3749

Malware in sbrugna...

7.8CVSS7.7AI score0.00582EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2010-0041

Malware in sbrugna...

4.3CVSS6.1AI score0.05351EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2019-3811

Malware in sbrugna...

7.8CVSS7.7AI score0.00259EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-3057

Malicious code in bioql PyPI...

7.5CVSS6.9AI score0.00193EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-47363

Malicious code in bioql PyPI...

5.5CVSS5.8AI score0.00071EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-30307

Malicious code in bioql PyPI...

9CVSS7.7AI score0.00104EPSS
Exploits0References1
Exploit DB
Exploit DB
added 2025/08/11 12:0 a.m.503 views

Microsoft Windows - Storage QoS Filter Driver Checker

Titles: Microsoft Windows - Storage QoS Filter Driver Checker Author: nu11secur1ty Date: 08/04/2025 Vendor: Microsoft Software: https://www.microsoft.com/en-us/software-download/windows11 Reference: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49730 Description This PowerShell...

7.8CVSS7.4AI score0.00586EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2025/05/22 10:8 p.m.7 views

CVE-2022-39237

syslabs/sif is the Singularity Image Format SIF reference implementation. In versions prior to 2.8.1the github.com/sylabs/sif/v2/pkg/integrity package did not verify that the hash algorithms used are cryptographically secure when verifying digital signatures. A patch is available in version =...

9.8CVSS6.7AI score0.00477EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:24 a.m.12 views

CVE-2019-12162

Upwork Time Tracker 5.2.2.716 doesn't verify the SHA256 hash of the downloaded program update before running it, which could lead to code execution or local privilege escalation by replacing the original update.exe...

7.8CVSS7.6AI score0.00259EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2025/05/19 3:48 p.m.115 views

RVTools Official Site Hacked to Deliver Bumblebee Malware via Trojanized Installer

The official site for RVTools has been hacked to serve a compromised installer for the popular VMware environment reporting utility. "Robware.net and RVTools.com are currently offline. We are working expeditiously to restore service and appreciate your patience," the company said in a statement...

7.8AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/06 1:59 a.m.14 views

CVE-2022-25652

Cryptographic issues in BSP due to improper hash verification in Snapdragon Wired Infrastructure and Networking...

9CVSS7.1AI score0.00104EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.3 views

PT-2025-47801

Name of the Vulnerable Software and Affected Versions GnuTLS versions 15.0 and -current GnuTLS versions prior to Fedora 43 Description A stack overflow issue exists in GnuTLS. The issue is related to a flaw that could potentially allow for malicious exploitation. Recommendations Update GnuTLS to...

7.2CVSS6.6AI score0.00203EPSS
Exploits0References127
Positive Technologies
Positive Technologies
added 2024/10/29 12:0 a.m.4 views

PT-2024-34329 · Litespeed · Litespeed Cache

Name of the Vulnerable Software and Affected Versions: LiteSpeed Cache versions through 6.5.1 Description: The issue is related to an Incorrect Privilege Assignment vulnerability in LiteSpeed Cache, allowing Privilege Escalation. This vulnerability enables an attacker to gain administrative...

9.8CVSS7.6AI score0.00913EPSS
Exploits0References42
Veracode
Veracode
added 2024/10/22 9:33 a.m.11 views

Improper Verification Of Cryptographic Signature

elliptic is vulnerable to Improper Verification of Cryptographic Signature. The vulnerability is due to improper handling of the truncateToN function, which fails to correctly verify signatures when the hash contains at least four leading zero bytes and the elliptic curve's base point order is...

4.8CVSS6.5AI score0.00556EPSS
Exploits1References4Affected Software2
OSV
OSV
added 2023/05/25 12:0 p.m.5 views

OSEC-2023-01 Time of check time of use issue in opam's cache

Bug description Opam uses since version 2.0.0 a download cache: if a source artifact is needed, first its hash is looked up in the local cache /.opam/download-cache//. Opam supports multiple hash algorithms, a cache lookup tries all hash algorithms present in the opam file. Before opam 2.1.5, the...

7.1CVSS5.5AI score
Exploits0References2
Gentoo Linux
Gentoo Linux
added 2022/10/31 12:0 a.m.35 views

Apptainer: Lack of Digital Signature Hash Verification

Background Apptainer is the container system for secure high-performance computing. Description The Go module "sif" version 2.8.0 and older, which is a statically linked dependency of Apptainer, does not verify that the hash algorithms used are cryptographically secure when verifying digital...

9.8CVSS1.3AI score0.00477EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/10/31 12:0 a.m.52 views

GLSA-202210-19 : Apptainer: Lack of Digital Signature Hash Verification

The remote host is affected by the vulnerability described in GLSA-202210-19 Apptainer: Lack of Digital Signature Hash Verification - syslabs/sif is the Singularity Image Format SIF reference implementation. In versions prior to 2.8.1the github.com/sylabs/sif/v2/pkg/integrity package did not veri...

9.8CVSS6.1AI score0.00477EPSS
Exploits0References3
OSV
OSV
added 2022/10/06 6:16 p.m.4 views

UBUNTU-CVE-2022-39237

syslabs/sif is the Singularity Image Format SIF reference implementation. In versions prior to 2.8.1the github.com/sylabs/sif/v2/pkg/integrity package did not verify that the hash algorithms used are cryptographically secure when verifying digital signatures. A patch is available in version =...

9.8CVSS6.4AI score0.00477EPSS
Exploits0References6
NVD
NVD
added 2022/09/16 6:15 a.m.27 views

CVE-2022-25652

Cryptographic issues in BSP due to improper hash verification in Snapdragon Wired Infrastructure and Networking...

9CVSS0.00104EPSS
Exploits0References1
Rows per page
Query Builder