
6 matches found

OSV
added 2023/08/14 9:10 p.m. | 19 views

GHSA-W5VR-6QHR-36CC `ed25519-dalek` Double Public Key Signing Function Oracle Attack

Versions of ed25519-dalek prior to v2.0 model private and public keys as separate types which can be assembled into a Keypair, and also provide APIs for serializing and deserializing 64-byte private/public keypairs. Such APIs and serializations are inherently unsafe as the public key is one of th...

CVSS 5.9 | AI score 6.1 | EPSS 0.00024
Exploits: 0 | References: 4
Github Security Blog
added 2023/08/14 9:10 p.m. | 16 views

`ed25519-dalek` Double Public Key Signing Function Oracle Attack

Versions of ed25519-dalek prior to v2.0 model private and public keys as separate types which can be assembled into a Keypair, and also provide APIs for serializing and deserializing 64-byte private/public keypairs. Such APIs and serializations are inherently unsafe as the public key is one of th...

CVSS 5.9 | AI score 6.1 | EPSS 0.00024
Exploits: 0 | References: 4 | Affected Software: 1
Openbugbounty
added 2023/01/12 6:15 p.m. | 11 views

hazmat-tarps.com Cross Site Scripting vulnerability OBB-3145780

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

AI score 6.2
Exploits: 0
Openbugbounty
added 2022/10/18 6:2 a.m. | 9 views

hazmat-tarps.com Cross Site Scripting vulnerability OBB-3002931

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Exploits: 0
RustSec
added 2022/06/11 12:0 p.m. | 3 views

Double Public Key Signing Function Oracle Attack on `ed25519-dalek`

Versions of ed25519-dalek prior to v2.0 model private and public keys as separate types which can be assembled into a Keypair, and also provide APIs for serializing and deserializing 64-byte private/public keypairs. Such APIs and serializations are inherently unsafe as the public key is one of th...

CVSS 5.9 | AI score 7 | EPSS 0.00024
Exploits: 0 | Affected Software: 1
Openbugbounty
added 2017/12/09 12:54 a.m. | 9 views

hazmat.globalincidentmap.com XSS vulnerability

Open Bug Bounty ID: OBB-450639

Description | Value
---|---
Affected Website: | hazmat.globalincidentmap.com
Vulnerable Application: | Custom Code
Vulnerability Type: | XSS Cross Site Scripting / CWE-79
CVSSv3 Score: | 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Remediation Guide: | OWASP XSS...

AI score 6.3
Exploits: 0