Lucene search
K

205 matches found

NVD
NVD
added 2025/09/22 6:15 p.m.4 views

CVE-2025-59420

Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.4, Authlib’s JWS verification accepts tokens that declare unknown critical header parameters crit, violating RFC 7515 “must‑understand” semantics. An attacker can craft a signed token with a critical...

7.5CVSS0.00244EPSS
Exploits1References3
OSV
OSV
added 2025/09/22 6:15 p.m.3 views

UBUNTU-CVE-2025-59420

Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.4, Authlib’s JWS verification accepts tokens that declare unknown critical header parameters crit, violating RFC 7515 “must‑understand” semantics. An attacker can craft a signed token with a critical...

7.5CVSS7AI score0.00244EPSS
Exploits1References5
OSV
OSV
added 2025/09/22 5:28 p.m.5 views

CVE-2025-59420 Authlib: JWS/JWT accepts unknown crit headers (RFC violation → possible authz bypass)

Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.4, Authlib’s JWS verification accepts tokens that declare unknown critical header parameters crit, violating RFC 7515 “must‑understand” semantics. An attacker can craft a signed token with a critical...

7.5CVSS6.7AI score0.00244EPSS
Exploits1References5
OSV
OSV
added 2025/09/22 2:42 p.m.5 views

GHSA-9GGR-2464-2J32 Authlib: JWS/JWT accepts unknown crit headers (RFC violation → possible authz bypass)

Summary Authlib’s JWS verification accepts tokens that declare unknown critical header parameters crit, violating RFC 7515 “must‑understand” semantics. An attacker can craft a signed token with a critical header for example, bork or cnf that strict verifiers reject but Authlib accepts. In...

7.5CVSS7.1AI score0.00244EPSS
Exploits1References5
Packet Storm News
Packet Storm News
added 2025/08/17 12:0 a.m.4 views

Cyber Risks to Next-Gen Brain-Computer Interfaces: Analysis and Recommendations

Brain-computer interfaces BCIs show enormous potential for advancing personalized medicine. However, BCIs also introduce new avenues for cyber-attacks or security compromises. In this article, we analyze the problem and make recommendations for device manufacturers to better secure devices and to...

7.2AI score
Exploits0
Vulnrichment
Vulnrichment
added 2025/08/04 7:32 p.m.4 views

CVE-2025-8523 RiderLike Fruit Crush-Brain App com.fruitcrush.fun AndroidManifest.xml improper export of android application components

A vulnerability has been found in RiderLike Fruit Crush-Brain App 1.0 on Android and classified as problematic. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml of the component com.fruitcrush.fun. The manipulation leads to improper export of android...

5.3CVSS6.8AI score0.00129EPSS
Exploits0References4
Packet Storm News
Packet Storm News
added 2025/06/21 12:0 a.m.2 views

Foundation of Affective Computing and Interaction

This book provides a comprehensive exploration of affective computing and human-computer interaction technologies. It begins with the historical development and basic concepts of human-computer interaction, delving into the technical frameworks and practical applications of emotional computing,...

6.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 6:35 a.m.7 views

CVE-2024-7071

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection', CWE - 564 - SQL Injection: Hibernate vulnerability in Brain Information Technologies Inc. Brain Low-Code allows SQL Injection. This issue affects Brain Low-Code: before 2.1.0...

9.8CVSS5.8AI score0.00421EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:21 p.m.6 views

CVE-2020-24395

The USB firmware update script of homee Brain Cube v2 2.28.2 and 2.28.4 devices allows an attacker with physical access to install compromised firmware. This occurs because of insufficient validation of the firmware image file and can lead to code execution on the device...

7.2CVSS7.4AI score0.0024EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2025/05/20 12:0 a.m.3 views

Neuromorphic Mimicry Attacks Exploiting Brain-Inspired Computing for Covert Cyber Intrusions

Neuromorphic computing, inspired by the human brain's neural architecture, is revolutionizing artificial intelligence and edge computing with its low-power, adaptive, and event-driven designs. However, these unique characteristics introduce novel cybersecurity risks. This paper proposes...

7.2AI score
Exploits0
Wordfence Blog
Wordfence Blog
added 2024/09/17 6:27 p.m.7 views

GPU Hosting and Open Source AI Will Revolutionize or Kill WordPress

On the eve of WordCamp US 2024 we find ourselves in the midst of a revolution. It is perhaps the most profoundly transformative technology revolution our species has experienced in our short history in this Universe. In fundamental terms, since computers have existed we have been programming them...

7.2AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2024/08/27 2:15 p.m.7 views

CVE-2024-7071

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection', CWE - 564 - SQL Injection: Hibernate vulnerability in Brain Information Technologies Inc. Brain Low-Code allows SQL Injection. This issue affects Brain Low-Code: before 2.1.0...

9.8CVSS5.8AI score0.00421EPSS
Exploits0References3
NVD
NVD
added 2024/08/27 2:15 p.m.28 views

CVE-2024-7071

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection', CWE - 564 - SQL Injection: Hibernate vulnerability in Brain Information Technologies Inc. Brain Low-Code allows SQL Injection. This issue affects Brain Low-Code: before 2.1.0...

9.8CVSS0.00421EPSS
Exploits0References2
OSV
OSV
added 2024/08/27 2:15 p.m.3 views

CVE-2024-7071

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection', CWE - 564 - SQL Injection: Hibernate vulnerability in Brain Information Technologies Inc. Brain Low-Code allows SQL Injection.This issue affects Brain Low-Code: before 2.1.0...

9.8CVSS5.8AI score0.00421EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/08/27 1:57 p.m.15 views

CVE-2024-7071 Unauthenticate SQLi in Brain Information Technologies' Brain Low-Code

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection', CWE - 564 - SQL Injection: Hibernate vulnerability in Brain Information Technologies Inc. Brain Low-Code allows SQL Injection. This issue affects Brain Low-Code: before 2.1.0...

9.3CVSS5.8AI score0.00421EPSS
Exploits0References2
CVE
CVE
added 2024/08/27 1:57 p.m.48 views

CVE-2024-7071

The issue is a SQL Injection vulnerability in Brain Low-Code (Hibernate component) caused by improper neutralization of special elements in SQL commands. Affected versions are Brain Low-Code before 2.1.0. The vulnerability arises within the Hibernate integration, enabling unauthenticated SQL inje...

9.8CVSS5.8AI score0.00421EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/08/27 1:57 p.m.28 views

CVE-2024-7071 Unauthenticate SQLi in Brain Information Technologies' Brain Low-Code

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection', CWE - 564 - SQL Injection: Hibernate vulnerability in Brain Information Technologies Inc. Brain Low-Code allows SQL Injection. This issue affects Brain Low-Code: before 2.1.0...

9.3CVSS0.00421EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/08/27 12:0 a.m.4 views

Brain Low-Code SQL注入漏洞

Brain Low-Code is a software development platform from Brain Low-Code that requires little to no coding to build applications and processes. An SQL injection vulnerability exists in versions of Brain Low-Code prior to 2.1.0. No information about this vulnerability is available at this time, so st...

9.8CVSS7.6AI score0.00421EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/08/27 12:0 a.m.5 views

PT-2024-38060

Name of the Vulnerable Software and Affected Versions Brain Low-Code versions prior to 2.1.0 Description The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This vulnerability affects the Hibernate component in Brain...

9.8CVSS5.7AI score0.00421EPSS
Exploits0References13
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 1:51 p.m.3 views

Malicious code in kevins-propietary_brain (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0References1
Rows per page
Query Builder