Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2019-3429

Malware in sbrugna...

8.8CVSS9.3AI score0.0213EPSS
Exploits0References20
OSV
OSVadded 2025/05/30 5:41 p.m.1 views

CLSA-2025-1748626881 golang: Fix of 2 CVEs

CVE-2024-24789: fix zip parsing to reject EOCDR records with truncated comments - CVE-2024-9355: fix HMAC to pass initialized length to EVPDigestSignFinal, ensuring correct output handling...

6.5CVSS6.9AI score0.0007EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2010/02/24 12:0 a.m.40 views

Debian DSA-1849-1 : xml-security-c - design flaw

It was discovered that the W3C XML Signature recommendation contains a protocol-level vulnerability related to HMAC output truncation. This update implements the proposed workaround in the C++ version of the Apache implementation of this standard, xml-security-c, by preventing truncation to outpu...

5CVSS7.4AI score0.0222EPSS
Exploits0References2
RedHat Linux
RedHat Linuxadded 2009/12/09 11:14 p.m.2 views

xml-security-1.3.0-1jpp.ep1.*: XMLDsig HMAC-based signatures spoofing and authentication bypass

The design of the W3C XML Signature Syntax and Processing XMLDsig recommendation, as implemented in products including 1 the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; 2 the WebLogic Server component in BEA Product Suite 10.3, 10.0...

5CVSS7.3AI score0.0222EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2009/09/08 3:43 p.m.3 views

xml-security-1.3.0-1jpp.ep1.*: XMLDsig HMAC-based signatures spoofing and authentication bypass

The design of the W3C XML Signature Syntax and Processing XMLDsig recommendation, as implemented in products including 1 the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; 2 the WebLogic Server component in BEA Product Suite 10.3, 10.0...

5CVSS7.3AI score0.0222EPSS
Exploits0References4
Debian
Debianadded 2009/08/06 8:38 a.m.37 views

[Backports-security-announce] Security Update for xml-security-c

Russ Allbery uploaded new packages for xml-security-c which fixed the following security problems: CVE-2009-0217 CERT VU466161 It was discovered that the W3C XML Signature recommendation contains a protocol-level vulnerability related to HMAC output truncation. This update implements the proposed...

5CVSS2.3AI score0.0222EPSS
Exploits0
OSV
OSVadded 2009/08/02 12:0 a.m.19 views

DSA-1849-1 xml-security-c - signature forgery

Bulletin has no description...

5CVSS6.3AI score0.0222EPSS
Exploits0
ATTACKERKB
ATTACKERKBadded 2009/07/14 11:30 p.m.2 views

CVE-2009-0217

The design of the W3C XML Signature Syntax and Processing XMLDsig recommendation, as implemented in products including 1 the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; 2 the WebLogic Server component in BEA Product Suite 10.3, 10.0...

5CVSS7.5AI score0.0222EPSS
Exploits0References92
Rows per page
Query Builder