Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
•added 2026/05/19 9:55 p.m.•8 views

CVE-2023-7345 Ledger Live hw-app-eth EIP-712 Message Parsing Integer Truncation

Ledger Live with vulnerable versions of ledgerhq/hw-app-eth prior to 6.34.7 contains an integer parsing vulnerability that allows attackers to manipulate EIP-712 typed data messages by exploiting incorrect hexadecimal field parsing when values contain an odd number of characters. Attackers can...

6.9CVSS5.8AI score0.00263EPSS
Exploits0References2
SUSE Linux
SUSE Linux
•added 2026/03/03 1:24 p.m.•5 views

Security update for libssh

This update for libssh fixes the following issues: CVE-2026-0964: improper sanitation of paths received from SCP servers can cause path traversal bsc1258049. CVE-2026-0965: possible denial of service when parsing unexpected configuration files bsc1258045. CVE-2026-0966: buffer underflow in...

6.5CVSS6AI score0.00582EPSS
Exploits0References20
Ubuntu
Ubuntu
•added 2026/02/23 7:56 p.m.•6 views

USN-8051-2: libssh vulnerabilities

USN-8051-1 fixed vulnerabilities in libssh. This update provides the corresponding updates for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: It was discovered that libssh clients incorrectly handled the key exchange process. A remote attacker could possibly...

8.2CVSS5.6AI score0.00582EPSS
Exploits0
Hacker One
Hacker One
•added 2022/02/11 2:50 p.m.•28 views

Cloudflare Public Bug Bounty: HTTP Request Smuggling in Transform Rules using hexadecimal escape sequences in the concat() function

The Edge Rules engine used by Cloudflare Transform Rules features string modifying functions like lower and concat, which accepted hexadecimal-encoded characters such as ā€\x0a\x0dā€œ. This allowed for manipulation of request headers e.g. injecting an additional header and, as a consequence, made HT...

7.1AI score
Exploits0
Rows per page
Query Builder