Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

SUSE CVE
SUSE CVEadded 2025/11/09 12:23 a.m.5 views

SUSE CVE-2025-62375

go-witness and witness are Go modules for generating attestations. In go-witness versions 0.8.6 and earlier and witness versions 0.9.2 and earlier the AWS attestor improperly verifies AWS EC2 instance identity documents. Verification can incorrectly succeed when a signature is not present or is...

6.9CVSS6.4AI score0.00186EPSS
Exploits0References2
OSV
OSVadded 2025/10/15 8:12 p.m.1 views

GHSA-72C7-4G63-HPW5 go-witness is Vulnerable to Improper Verification of AWS EC2 Identity Documents

Impact This vulnerability only affects users of the AWS attestor. Users of the AWS attestor could have unknowingly received a forged identity document. While this may seem unlikely, AWS recently issued a security bulletin about IMDS Instance Metadata Service impersonation.^1 There are multiple...

6.9CVSS6.8AI score0.00186EPSS
Exploits0References4
Github Security Blog
Github Security Blogadded 2021/06/23 5:29 p.m.86 views

XML Processing error in github.com/crewjam/saml

Impact There are three vulnerabilities in the go encoding/xml package that can allow an attacker to forge part of a signed XML document. For details on this vulnerability see xml-roundtrip-validator Patches In version 0.4.3, all XML input is validated prior to being parsed...

10CVSS9AI score0.04872EPSS
Exploits1References11Affected Software1
Rows per page
Query Builder