21 matches found

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2017-12324

Malware in sbrugna...

CVSS 10, AI score 9.5, EPSS 0.00212
Exploits 1, References 4
OSV
added 2025/03/18 10:37 a.m., 3 views

MAL-2025-2539 Malicious code in @brix-crypto/crypto-js (npm)

Source: ghsa-malware a7667e8bc15f436605e7a5f94dbf1a1d0534b380ead2a777826cc73ad68cf586. Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7.2
Exploits 0, References 1
OSSF Malicious Packages
added 2025/03/18 10:37 a.m., 2 views

Malicious code in @brix-crypto/crypto-js (npm)

Source: ghsa-malware a7667e8bc15f436605e7a5f94dbf1a1d0534b380ead2a777826cc73ad68cf586. Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7
Exploits 0, References 1
IBM Security Bulletins
added 2024/03/27 8:31 p.m., 106 views

Security Bulletin: IBM Planning Analytics Workspace has addressed multiple vulnerabilities

Summary: IBM Planning Analytics Workspace is considered vulnerable to a Malicious File Upload vulnerability which could allow a privileged user to upload malicious files that can be automatically processed within the product (CVE-2023-42017). This vulnerability has been addressed. IBM Planning...

CVSS 9.8, AI score 10, EPSS 0.09042
Exploits 5, Affected Software 1
IBM Security Bulletins
added 2023/12/15 2:36 p.m., 49 views

Security Bulletin: Vulnerability in Brix crypto-js affects IBM Process Mining CVE-2023-46233

Summary: There is a vulnerability in Brix crypto-js that could allow a remote attacker to obtain sensitive information. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details: CVEID: CVE-2023-46233. DESCRIPTION...

CVSS 9.1, AI score 9, EPSS 0.01112
Exploits 0, Affected Software 1
IBM Security Bulletins
added 2023/12/12 5:56 p.m., 44 views

Security Bulletin: IBM Automation Decision Services November 2023 - Multiple CVEs addressed

Summary: IBM Automation Decision Services is vulnerable to denial of service attacks in third party and open source used in the product for various functions. See full list below. This vulnerability has been addressed. Vulnerability Details: CVEID: CVE-2023-46233. DESCRIPTION: Brix crypto-js could...

CVSS 9.8, AI score 8.9, EPSS 0.4929
Exploits 6, Affected Software 1
CNNVD
added 2023/10/25 12:00 a.m., 1 view

crypto-js encryption issue vulnerability

crypto-js is a JavaScript library open-sourced by Brix. A security vulnerability exists in crypto-js versions prior to 4.2.0 that stems from the use of an insecure cryptographic hash algorithm...

CVSS 9.1, AI score 6.7, EPSS 0.01112
Exploits 0, References 5
Prion
added 2018/07/09 7:29 p.m., 13 views

Format string

GIGABYTE BRIX UEFI firmware for the GB-BSi7H-6500 version F6 and GB-BXi7-5775 version F2 platforms does not securely implement BIOSWE, BLE, SMMBWP, and PRx features. As a result, the BIOS is not protected from arbitrary write access and may permit modifications to the SPI flash...

CVSS 10, AI score 9.5, EPSS 0.02844
Exploits 1, References 5, Affected Software 2
OSV
added 2018/07/09 7:29 p.m., 2 views

CVE-2017-3197

GIGABYTE BRIX UEFI firmware for the GB-BSi7H-6500 version F6 and GB-BXi7-5775 version F2 platforms does not securely implement BIOSWE, BLE, SMMBWP, and PRx features. As a result, the BIOS is not protected from arbitrary write access and may permit modifications to the SPI flash...

CVSS 9.8, AI score 5.9, EPSS 0.02844
Exploits 1, References 5
NVD
added 2018/07/09 7:29 p.m., 9 views

CVE-2017-3198

GIGABYTE BRIX UEFI firmware does not cryptographically validate images prior to updating the system firmware. Additionally, the firmware updates are served over HTTP. An attacker can make arbitrary modifications to firmware images without being detected...

CVSS 10, AI score 9.5, EPSS 0.00212
Exploits 1, References 3
Prion
added 2018/07/09 7:29 p.m., 16 views

Code injection

GIGABYTE BRIX UEFI firmware does not cryptographically validate images prior to updating the system firmware. Additionally, the firmware updates are served over HTTP. An attacker can make arbitrary modifications to firmware images without being detected...

CVSS 10, AI score 9.4, EPSS 0.00212
Exploits 1, References 3, Affected Software 2
CVE
added 2018/07/09 7:00 p.m., 179 views

CVE-2017-3198

CVE-2017-3198 affects GIGABYTE BRIX UEFI firmware for GB-BSi7H-6500 (vF6) and GB-BXi7-5775 (vF2). The root cause is lack of cryptographic validation of firmware images and HTTP delivery of updates, enabling an attacker to modify firmware images without detection and potentially install persistent...

CVSS 10, AI score 9.5, EPSS 0.00212
In wild, Exploits 1, References 3, Affected Software 1
Cvelist
added 2018/07/09 7:00 p.m., 15 views

CVE-2017-3197 GIGABYTE BRIX UEFI firmware fails to securely implement BIOS write protection

GIGABYTE BRIX UEFI firmware for the GB-BSi7H-6500 version F6 and GB-BXi7-5775 version F2 platforms does not securely implement BIOSWE, BLE, SMMBWP, and PRx features. As a result, the BIOS is not protected from arbitrary write access and may permit modifications to the SPI flash...

AI score 9.6, EPSS 0.02844
Exploits 1, References 5
CVE
added 2018/07/09 7:00 p.m., 183 views

CVE-2017-3197

CVE-2017-3197 concerns GIGABYTE BRIX UEFI firmware for GB-BSi7H-6500 (vF6) and GB-BXi7-5775 (vF2). The root cause is improper implementation of BIOS write-protection features BIOSWE, BLE, SMM_BWP, and PRx, which leaves the BIOS vulnerable to arbitrary writes and possible SPI flash modifications. ...

CVSS 10, AI score 9.6, EPSS 0.02844
In wild, Exploits 1, References 5, Affected Software 1
Cvelist
added 2018/07/09 7:00 p.m., 12 views

CVE-2017-3198 GIGABYTE BRIX UEFI firmware is not cryptographically signed

GIGABYTE BRIX UEFI firmware does not cryptographically validate images prior to updating the system firmware. Additionally, the firmware updates are served over HTTP. An attacker can make arbitrary modifications to firmware images without being detected...

AI score 9.6, EPSS 0.00212
Exploits 1, References 3
ATTACKERKB
added 2018/07/09 12:00 a.m., 48 views

GIGABYTE BRIX UEFI firmware is not cryptographically signed

GIGABYTE BRIX UEFI firmware does not cryptographically validate images prior to updating the system firmware. Additionally, the firmware updates are served over HTTP. An attacker can make arbitrary modifications to firmware images without being detected. Recent assessments: Assessed Attacker Valu...

CVSS 10, AI score 1.2, EPSS 0.00212
In wild, Exploits 1, References 4
ATTACKERKB
added 2018/07/09 12:00 a.m., 38 views

GIGABYTE BRIX UEFI firmware fails to securely implement BIOS write protection

GIGABYTE BRIX UEFI firmware for the GB-BSi7H-6500 version F6 and GB-BXi7-5775 version F2 platforms does not securely implement BIOSWE, BLE, SMMBWP, and PRx features. As a result, the BIOS is not protected from arbitrary write access and may permit modifications to the SPI flash. Recent assessment...

CVSS 10, AI score 3.9, EPSS 0.02844
In wild, Exploits 1, References 6
CNVD
added 2017/04/04 12:00 a.m., 3 views

Gigabyte BRIX Mini PCs are vulnerable to firmware update validation flaws

GIGABYTE is a professional motherboard manufacturer in Taiwan. GB-BSi7H-6500 and GB-BXi7-5775 are GIGABYTE Brix small computers, similar to Intel NUCs. UEFI, or Unified Extensible Firmware Interface, is a standard that describes the type of interface in detail. UEFI, or Unified Extensible Firmwar...

CVSS 10, AI score 7.5, EPSS 0.02844
Exploits 1, References 1
CNVD
added 2017/04/01 12:00 a.m., 3 views

GIGABYTE BRIX Mini PCs suffer from a flawed firmware protection mechanism vulnerability

GIGABYTE is a professional motherboard manufacturer in Taiwan. GB-BSi7H-6500 and GB-BXi7-5775 are the BRIX series of mini PCs. UEFI, or Unified Extensible Firmware Interface, is a standard that describes a detailed type of interface. This interface is used to automatically load the operating syst...

CVSS 10, AI score 7.2, EPSS 0.00212
Exploits 1, References 1
VulnCheck KEV
added 2017/03/31 12:00 a.m., 0 views

VulnCheck KEV: CVE-2017-3198

GIGABYTE BRIX UEFI firmware does not cryptographically validate images prior to updating the system firmware. Additionally, the firmware updates are served over HTTP. An attacker can make arbitrary modifications to firmware images without being detected...

CVSS 10, AI score 7.4, EPSS 0.00212
Exploits 1, References 1