Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2025/03/14 5:5 p.m.10 views

CVE-2025-29774 xml-crypto Vulnerable to XML Signature Verification Bypass via Multiple SignedInfo References

xml-crypto is an XML digital signature and encryption library for Node.js. An attacker may be able to exploit a vulnerability in versions prior to 6.0.1, 3.2.1, and 2.1.6 to bypass authentication or authorization mechanisms in systems that rely on xml-crypto for verifying signed XML documents. Th...

9.3CVSS7AI score0.0905EPSS
Exploits0References7
Packet Storm
Packet Storm
added 2022/07/18 12:0 a.m.359 views

Builder XtremeRAT 3.7 MVID-2022-0624 Insecure Crypto Bypass

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/7f314e798c150aedd9ce41ed39318f65B.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Builder XtremeRAT v3.7 Vulnerability: Insecure Crypto Bypass Description: The malware...

7.4AI score
Exploits0
RedHat Linux
RedHat Linux
added 2016/01/27 11:26 a.m.6 views

chromium-browser: weak random number generator in Blink

Blink, as used in Google Chrome before 48.0.2564.82, does not ensure that a proper cryptographicallyRandomValues random number generator is used, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors...

6.5CVSS7.4AI score0.01341EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2012/02/22 5:2 a.m.4 views

tomcat: Multiple weaknesses in HTTP DIGEST authentication

DigestAuthenticator.java in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 uses Catalina as the hard-coded server secret aka private key, which makes it easier for remote attackers to bypass cryptographic...

5CVSS6.1AI score0.0854EPSS
Exploits0References4
Rows per page
Query Builder