EUVD-2026-17174

A flaw in Node.js HMAC verification uses a non-constant-time comparison when validating user-provided signatures, potentially leaking timing information proportional to the number of matching bytes. Under certain threat models where high-resolution timing measurements are possible, this behavior...

ALPINE-CVE-2026-21713

A flaw in Node.js HMAC verification uses a non-constant-time comparison when validating user-provided signatures, potentially leaking timing information proportional to the number of matching bytes. Under certain threat models where high-resolution timing measurements are possible, this behavior...

UBUNTU-CVE-2026-21713

A flaw in Node.js HMAC verification uses a non-constant-time comparison when validating user-provided signatures, potentially leaking timing information proportional to the number of matching bytes. Under certain threat models where high-resolution timing measurements are possible, this behavior...

Ivanti Secure Access 22.x Multiple Vulnerabilities

The Ivanti Secure Access installed on the remote host is 22.x. It is, therefore, affected by multiple vulnerabilities: - A local privilege escalation vulnerability in Ivanti Secure Access Client for Windows allows a low privileged user to execute code as SYSTEM. CVE-2023-38042 - A local privilege...

PT-2024-25531 · Cosy+ · Cosy+

Name of the Vulnerable Software and Affected Versions: Cosy+ devices versions 21.x below 21.2s10 Cosy+ devices versions 22.x below 22.1s3 Description: The issue is related to insecure permissions, where several processes are executed with elevated privileges. This is an example of Execution with...

Ivanti Connect Secure 9.x / 22.x Command Injection Vulnerability (CVE-2024-21887)

Binary data ivanticsCVE-2024-21887.nbin...

CVE-2017-14328

Extreme EXOS 15.7, 16.x, 21.x, and 22.x allows remote attackers to trigger a buffer overflow leading to a reboot...