Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Cvelist
Cvelistadded 2026/03/11 6:56 p.m.26 views

CVE-2026-31889 Shopware has a potential take over of app credentials

Shopware is an open commerce platform. Prior to 6.6.10.15 and 6.7.8.1, a vulnerability in the Shopware app registration flow that could, under specific conditions, allow attackers to take over the communication channel between a shop and an app. The legacy app registration flow used HMAC‑based...

8.9CVSS0.00094EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2016-1616

Malware in sbrugna...

7.5CVSS7.6AI score0.00212EPSS
Exploits0References3
CNNVD
CNNVDadded 2024/06/09 12:0 a.m.1 views

Authlib Security Vulnerability

Authlib is the ultimate Python library for building OAuth and OpenID Connect servers open-sourced by Authlib. A security vulnerability exists in Authlib versions prior to 1.3.1 that stems from allowing HMAC authentication using any asymmetric public key...

7.5CVSS7AI score0.00145EPSS
Exploits1References3
NVD
NVDadded 2019/06/14 5:29 p.m.12 views

CVE-2018-13906

The HMAC authenticating the message from QSEE is vulnerable to timing side channel analysis leading to potentially forged application message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industri...

9.1CVSS9.2AI score0.00233EPSS
Exploits0References1
FreeBSD
FreeBSDadded 2014/06/05 12:0 a.m.16 views

codeigniter -- multiple vulnerabilities

The CodeIgniter changelog reports: Security: The xorencode method in the Encrypt Class has been removed. The Encrypt Class now requires the Mcrypt extension to be installed. Security: The Session Library now uses HMAC authentication instead of a simple MD5 checksum...

1.6AI score
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2009/04/23 12:0 a.m.45 views

Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : net-snmp vulnerabilities (USN-685-1)

Wes Hardaker discovered that the SNMP service did not correctly validate HMAC authentication requests. An unauthenticated remote attacker could send specially crafted SNMPv3 traffic with a valid username and gain access to the user's views without a valid authentication passphrase. CVE-2008-0960...

10CVSS6.5AI score0.23493EPSS
Exploits15References4
OpenVAS
OpenVASadded 2009/03/23 12:0 a.m.29 views

Ubuntu Update for net-snmp vulnerabilities USN-685-1

Ubuntu Update for Linux kernel vulnerabilities USN-685-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN6851.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for net-snmp vulnerabilities USN-685-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

10CVSS7.1AI score0.23493EPSS
Exploits15References2
securityvulns
securityvulnsadded 2008/06/10 12:0 a.m.69 views

[oCERT-2008-006] multiple SNMP implementations HMAC authentication spoofing

2008/06/09 2008-006 multiple SNMP implementations HMAC authentication spoofing Description: Some SNMP implementations include incomplete HMAC authentication code that allows spoofing of authenticated SNMPv3 packets. The authentication code reads the length to be checked from sender input, this...

10CVSS0.7AI score0.23493EPSS
Exploits7
Rows per page
Query Builder