Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1488 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2022-3793

Malicious code in bioql PyPI...

5.3CVSS5.5AI score0.01523EPSS
Exploits0References9
EUVD
EUVDadded 2025/10/03 8:7 p.m.0 views

EUVD-2025-16676

Malicious code in bioql PyPI...

6.9CVSS6.3AI score0.00242EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2022-2037

Malicious code in bioql PyPI...

7.5CVSS7.7AI score0.00149EPSS
Exploits0References6
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2025-16831

Malicious code in bioql PyPI...

5.2CVSS6.5AI score0.0007EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2022-5763

Malicious code in bioql PyPI...

5.1CVSS6.4AI score0.16071EPSS
Exploits0References29
EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2022-4170

Malicious code in bioql PyPI...

4.3CVSS6.6AI score0.00327EPSS
Exploits0References6
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2023-3035

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00059EPSS
Exploits0References4
OSV
OSVadded 2025/10/03 7:56 p.m.4 views

RLSA-2025:9418 Moderate: krb5 security update

Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the...

5.9CVSS6.8AI score0.00252EPSS
Exploits0References2
OSV
OSVadded 2025/09/22 8:44 a.m.1 views

SUSE-SU-2025:20719-1 Security update for krb5

This update for krb5 fixes the following issues: - CVE-2025-3576: Fixed Kerberos RC4-HMAC-MD5 Checksum Vulnerability bsc1241219...

5.9CVSS7.1AI score0.00252EPSS
Exploits0References3
SUSE Linux
SUSE Linuxadded 2025/09/22 8:42 a.m.3 views

Security update for krb5

This update for krb5 fixes the following issues: CVE-2025-3576: Fixed Kerberos RC4-HMAC-MD5 Checksum Vulnerability bsc1241219 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comma...

8.2CVSS7AI score0.00252EPSS
Exploits0References4
SUSE Linux
SUSE Linuxadded 2025/09/15 12:33 p.m.2 views

Security update for krb5

This update for krb5 fixes the following issues: CVE-2025-3576: weakness in the MD5 checksum design allows for spoofing of GSSAPI-protected messages that are using RC4-HMAC-MD5 bsc1241219. Krb5, as a very old protocol, supported quite a number of ciphers that are not longer up to current...

8.2CVSS7AI score0.00252EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2025/09/14 1:33 p.m.6 views

CVE-2025-59058

httpsig-rs is a Rust implementation of IETF RFC 9421 http message signatures. Prior to version 0.0.19, the HMAC signature comparison is not timing-safe. This makes anyone who uses HS256 signature verification vulnerable to a timing attack that allows the attacker to forge a signature. Version...

5.9CVSS6.8AI score0.0006EPSS
Exploits0References1
SUSE CVE
SUSE CVEadded 2025/09/12 11:23 p.m.1 views

SUSE CVE-2025-49133

Libtpms is a library that targets the integration of TPM functionality into hypervisors, primarily into Qemu. Libtpms, which is derived from the TPM 2.0 reference implementation code published by the Trusted Computing Group, is prone to a potential out of bounds OOB read vulnerability. The...

5.9CVSS7AI score0.00096EPSS
Exploits0References10
NVD
NVDadded 2025/09/12 2:15 p.m.4 views

CVE-2025-59058

httpsig-rs is a Rust implementation of IETF RFC 9421 http message signatures. Prior to version 0.0.19, the HMAC signature comparison is not timing-safe. This makes anyone who uses HS256 signature verification vulnerable to a timing attack that allows the attacker to forge a signature. Version...

5.9CVSS0.0006EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2025/09/12 1:10 p.m.2 views

CVE-2025-59058 httpsig-rs's HMAC verification is vulnerable to timing attack

httpsig-rs is a Rust implementation of IETF RFC 9421 http message signatures. Prior to version 0.0.19, the HMAC signature comparison is not timing-safe. This makes anyone who uses HS256 signature verification vulnerable to a timing attack that allows the attacker to forge a signature. Version...

5.9CVSS6.4AI score0.0006EPSS
Exploits0References2
RedHat Linux
RedHat Linuxadded 2025/09/10 10:39 a.m.12 views

python-cryptography: NULL pointer dereference with pkcs12.serialize_key_and_certificates when called with a non-matching certificate and private key and an hmac_hash override

A flaw was discovered in python-cryptography. A NULL pointer dereference can be triggered when a PKCS12 key and certificate do not match. Specifically, if the pkcs12.serializekeyandcertificates function is called with a non-matching certificate and private key and an encryption algorithm with...

7.5CVSS7.1AI score0.00462EPSS
Exploits0References4
AlmaLinux
AlmaLinuxadded 2025/09/10 12:0 a.m.4 views

Important: python3.12-cryptography security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

7.5CVSS6.8AI score0.00462EPSS
Exploits0References4
Tenable Nessus
Tenable Nessusadded 2025/09/10 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-48995

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SignXML is an implementation of the W3C XML Signature standard in Python. When verifying signatures with X509 certificate validation turned off and HMAC shared...

6.9CVSS5.8AI score0.00242EPSS
Exploits0References2
OSV
OSVadded 2025/09/10 12:0 a.m.5 views

ALSA-2025:15608 Important: python3.12-cryptography security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

7.5CVSS6.8AI score0.00462EPSS
Exploits0References4
OSV
OSVadded 2025/09/05 12:42 p.m.2 views

OESA-2025-2134 libtpms security update

A library providing TPM functionality for VMs. Targeted for integration into Qemu. Security Fixes: Libtpms is a library that targets the integration of TPM functionality into hypervisors, primarily into Qemu. Libtpms, which is derived from the TPM 2.0 reference implementation code published by th...

5.9CVSS7.3AI score0.00096EPSS
Exploits0References2
Rows per page
Query Builder