Lucene search
K

4 matches found

OSV
OSV
added 2026/06/17 9:34 p.m.4 views

GHSA-99F9-J8R3-P853 Hermes Agent creates response_store.db and webhook_subscriptions.json with world-readable permissions (mode 0o644)

Hermes Agent before 0.16.0 creates responsestore.db and webhooksubscriptions.json with world-readable permissions mode 0o644, exposing conversation history and HMAC secrets to local users. Attackers with local filesystem access can read these files directly to obtain sensitive data including...

6.8CVSS5.8AI score0.00108EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.10 views

liboqs 缓冲区错误漏洞

Liboqs is an open-source project under Open Quantum Safe, which is an open-source C library for quantum secure encryption algorithms. Versions of Liboqs prior to 0.16.0 contained a buffer error vulnerability. This vulnerability stems from out-of-bounds reads in the XMSS and XMSS^MT state signatur...

5.3CVSS6AI score0.00305EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.11 views

liboqs 缓冲区错误漏洞

Liboqs is an open-source project under Open Quantum Safe, which is an open-source C library for quantum secure encryption algorithms. Versions of Liboqs prior to 0.16.0 contained a buffer error vulnerability. This vulnerability stems from the XMSS and XMSS^MT state signature verification code. Wh...

5.3CVSS6AI score0.00305EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/03/20 12:0 a.m.5 views

PT-2023-21712 · Unknown · Svg-Sanitizer

Name of the Vulnerable Software and Affected Versions: savg-sanitizer versions prior to 0.16.0 Description: A bypass has been found in the savg-sanitizer library that allows an attacker to upload an SVG with persistent cross-site scripting. The issue arises from incorrect sanitization of HTML...

5.3CVSS9AI score
Exploits0References10
Rows per page
Query Builder