Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

EUVD
EUVDadded 2026/05/15 4:8 p.m.5 views

EUVD-2026-30560

LibJWT is a C JSON Web Token Library. From 3.0.0 to 3.3.2, libjwt accepts an RSA JWK that does not contain an alg parameter as the verification key for an HS256/HS384/HS512 token. In the OpenSSL backend, this causes HMAC verification to run with a zero-length key, so an attacker can forge a valid...

9.1CVSS5.8AI score0.00027EPSS
Exploits0References1
Veracode
Veracodeadded 2024/04/29 6:33 a.m.44 views

Improper Signature Validation

python-jose is vulnerable to Improper Signature Validation. This vulnerability is due to improper verification of OpenSSH ECDSA keys along with other key formats, allowing attackers to bypass security measures or manipulate cryptographic functions by submitting crafted signatures with a specific...

6.5CVSS6.8AI score0.00925EPSS
Exploits1References4Affected Software1
CNNVD
CNNVDadded 2021/08/23 12:0 a.m.1 views

ARM mbed TLS 信任管理问题漏洞

ARM mbed TLS is a product from ARM UK that provides secure communication and encryption for mbed products. ARM mbed TLS has a security vulnerability that stems from the fact that the null algorithm parameter term is the same as the real array of size 0 and therefore the certificate is considered...

7.5CVSS7.3AI score0.00518EPSS
Exploits1References12
Rows per page
Query Builder