
5313 matches found

Prion
added 2019/05/22 5:29 p.m. · 30 views

Design/Logic Flaw

A message-forgery issue was discovered in crypto/openpgp/clearsign/clearsign.go in supplementary Go cryptography libraries 2019-03-25. According to the OpenPGP Message Format specification in RFC 4880 chapter 7, a cleartext signed message can contain one or more optional "Hash" Armor Headers. The...

4.3 CVSS · 5.2 AI score · 0.02002 EPSS
Exploits: 2 · References: 7 · Affected Software: 2

OSV
added 2019/05/22 5:29 p.m. · 2 views

DEBIAN-CVE-2019-11841

A message-forgery issue was discovered in crypto/openpgp/clearsign/clearsign.go in supplementary Go cryptography libraries 2019-03-25. According to the OpenPGP Message Format specification in RFC 4880 chapter 7, a cleartext signed message can contain one or more optional "Hash" Armor Headers. The...

5.9 CVSS · 7.2 AI score · 0.02002 EPSS
Exploits: 2 · References: 1

Debian CVE
added 2019/05/22 12:0 a.m. · 31 views

CVE-2019-11841

A message-forgery issue was discovered in crypto/openpgp/clearsign/clearsign.go in supplementary Go cryptography libraries 2019-03-25. According to the OpenPGP Message Format specification in RFC 4880 chapter 7, a cleartext signed message can contain one or more optional "Hash" Armor Headers. The...

5.9 CVSS · 6.5 AI score · 0.02002 EPSS
Exploits: 2

Cvelist
added 2019/05/22 12:0 a.m. · 60 views

CVE-2019-11841

A message-forgery issue was discovered in crypto/openpgp/clearsign/clearsign.go in supplementary Go cryptography libraries 2019-03-25. According to the OpenPGP Message Format specification in RFC 4880 chapter 7, a cleartext signed message can contain one or more optional "Hash" Armor Headers. The...

6.2 AI score · 0.02002 EPSS
Exploits: 2 · References: 7

Positive Technologies
added 2019/05/22 12:0 a.m. · 5 views

PT-2019-12524 · Go · Go Cryptography Libraries

Name of the Vulnerable Software and Affected Versions: supplementary Go cryptography libraries (affected versions not specified). Description: A message-forgery issue was discovered in the supplementary Go cryptography libraries. According to the OpenPGP Message Format specification in RFC 4880...

7.5 CVSS · 6.8 AI score · 0.20891 EPSS
Exploits: 8 · References: 36

Tenable Nessus
added 2019/05/14 12:0 a.m. · 47 views

EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1521)

According to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lacked certain checks for the end of a...

10 CVSS · 7 AI score · 0.1081 EPSS
Exploits: 17 · References: 21

Tenable Nessus
added 2019/05/13 12:0 a.m. · 17 views

Apache Tomcat 7.0.x < 7.0.84 Insecure CGI Servlet Search Algorithm Description Weakness

Binary data 700676.pasl...

5.3 CVSS · 6.4 AI score · 0.06198 EPSS
Exploits: 0 · References: 2

Tenable Nessus
added 2019/05/13 12:0 a.m. · 27 views

Apache Tomcat 9.0.x < 9.0.5 Insecure CGI Servlet Search Algorithm Description Weakness

Binary data 700705.pasl...

5.9 CVSS · 6.6 AI score · 0.17716 EPSS
Exploits: 0 · References: 2

Tenable Nessus
added 2019/05/13 12:0 a.m. · 17 views

Apache Tomcat 9.0.x < 9.0.2 Insecure CGI Servlet Search Algorithm Description Weakness

Binary data 700704.pasl...

5.3 CVSS · 6.4 AI score · 0.06198 EPSS
Exploits: 0 · References: 2

Tenable Nessus
added 2019/05/13 12:0 a.m. · 14 views

Apache Tomcat 8.5.x < 8.5.24 Insecure CGI Servlet Search Algorithm Description Weakness

Binary data 700692.pasl...

5.3 CVSS · 6.5 AI score · 0.06198 EPSS
Exploits: 0 · References: 2

Schneier on Security
added 2019/05/09 10:58 a.m. · 68 views

Amazon Is Losing the War on Fraudulent Sellers

Excellent article on fraudulent seller tactics on Amazon. The most prominent black hat companies for US Amazon sellers offer ways to manipulate Amazon's ranking system to promote products, protect accounts from disciplinary actions, and crush competitors. Sometimes, these black hat companies brib...

6.9 AI score
Exploits: 0

IBM Security Bulletins
added 2019/05/08 3:31 p.m. · 64 views

IBM Security Key Lifecycle Manager: All Security Bulletins

Summary: This page lists all the security bulletins that are released for IBM Security Key Lifecycle Manager. Vulnerability Details: Security Bulletin: IBM Security Key Lifecycle Manager stores unencrypted password CVE-2016-6092 --- Security Bulletin: IBM Security Key Lifecycle Manager uses Less...

9.8 CVSS · 0.5 AI score · 0.9986 EPSS
Exploits: 0

Wired Threat Level
added 2019/05/08 2:39 p.m. · 46 views

Artificial Intelligence May Not 'Hallucinate' After All

What makes an algorithm mistake a helicopter for a gun? Researchers think the answer has to do more with man than machine...

3.4 AI score
Exploits: 0

Tenable Nessus
added 2019/05/08 12:0 a.m. · 8 views

Schneider Electric Modicon Multiple Controllers Weak Encryption Algorithm

Binary data 720150.prm...

9.8 CVSS · 7.3 AI score · 0.01437 EPSS
Exploits: 0 · References: 2

Tenable Nessus
added 2019/05/08 12:0 a.m. · 12 views

Mitsubishi MELSEC-Q Ethernet Interface Modules Weak Encryption Algorithm

Binary data 720090.prm...

7.5 CVSS · 7.3 AI score · 0.01312 EPSS
Exploits: 0 · References: 2

Veracode
added 2019/05/02 6:10 a.m. · 34 views

Unauthorized Modification

Java SE and Java SE Embedded are vulnerable to unauthenticated modification attacks. An unauthenticated attacker can exploit a flaw in the Security component of OpenJDK which does not allow users to restrict the set of algorithms allowed for Jar integrity verification allowing an attacker to modi...

3.1 CVSS · 5.9 AI score · 0.01993 EPSS
Exploits: 0 · References: 18 · Affected Software: 5

Veracode
added 2019/05/02 5:41 a.m. · 29 views

Integer Overflow

Wireshark, previously known as Ethereal, is a network protocol analyzer, which is used to capture and browse the traffic running on a computer network. Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or...

5 CVSS · 5.4 AI score · 0.046 EPSS
Exploits: 0 · References: 15 · Affected Software: 1

Veracode
added 2019/05/02 5:41 a.m. · 56 views

Stack-Based Buffer Overflow

Wireshark, previously known as Ethereal, is a network protocol analyzer, which is used to capture and browse the traffic running on a computer network. Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or...

5 CVSS · 5.4 AI score · 0.046 EPSS
Exploits: 0 · References: 16 · Affected Software: 1

Veracode
added 2019/05/02 5:41 a.m. · 27 views

Improper Signature Validation

The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security (TLS). It was found that GnuTLS did not check activation and expiration dates of CA certificates. This could cause an application using GnuTLS to incorrectly accept a certificate as...

7.5 CVSS · 7.4 AI score · 0.01586 EPSS
Exploits: 0 · References: 13 · Affected Software: 1

Veracode
added 2019/05/02 5:41 a.m. · 36 views

Improper Signature Validation

The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security (TLS). It was found that GnuTLS did not check activation and expiration dates of CA certificates. This could cause an application using GnuTLS to incorrectly accept a certificate as...

7.5 CVSS · 7.4 AI score · 0.01586 EPSS
Exploits: 0 · References: 6 · Affected Software: 1