CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

26 matches found

EUVD•added 2025/10/03 8:7 p.m.•0 views

EUVD-2022-7253

Malicious code in bioql PyPI...

5.4CVSS5.5AI score0.00126EPSS

Exploits1References9

RedhatCVE•added 2025/05/22 10:10 p.m.•3 views

CVE-2022-39199

immudb is a database with built-in cryptographic proof and verification. immudb client SDKs use server's UUID to distinguish between different server instance so that the client can connect to different immudb instances and keep the state for multiple servers. SDK does not validate this uuid and...

5.9CVSS6.7AI score0.00119EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 9:54 p.m.•4 views

CVE-2022-36111

immudb is a database with built-in cryptographic proof and verification. In versions prior to 1.4.1, a malicious immudb server can provide a falsified proof that will be accepted by the client SDK signing a falsified transaction replacing the genuine one. This situation can not be triggered by a...

5.4CVSS6.6AI score0.00126EPSS

Exploits1

OSV•added 2022/12/22 10:30 p.m.•16 views

GO-2022-1117 Insufficient verification of proofs in github.com/codenotary/immudb

In certain scenarios, a malicious immudb server can provide a falsified proof that will be accepted by the client SDK signing a falsified transaction replacing the genuine one. This situation can not be triggered by a genuine immudb server and requires the client to perform a specific list of...

5.4CVSS5.1AI score0.00126EPSS

Exploits1References4

Veracode•added 2022/11/24 4:38 p.m.•22 views

Improper Authorization

github.com/codenotary/immudb is vulnerable to improper authorization. A malicious attacker is able to provide falsified proof that will be accepted by the client SDK, signing a falsified transaction replacing the genuine one. This vulnerability only affects immudb client SDKs, the immudb server...

5.4CVSS5.4AI score0.00126EPSS

Exploits1References6Affected Software1

Veracode•added 2022/11/24 1:42 p.m.•9 views

Improper Authorization

github.com/codenotary/immudb is vulnerable to improper authorization. The library does not properly validate SDKs server UUIDs which allows a malicious server to change the reported UUID, tricking the client to treat it as a different server thus accepting a state completely irrelevant to the one...

5.9CVSS3AI score0.00119EPSS

Exploits0References3Affected Software1

CNVD•added 2022/11/24 12:0 a.m.•15 views

immudb data forgery problem vulnerability

Immudb is a database with built-in cryptographic proof and authentication. A data forgery issue vulnerability exists in codenotary immudb versions prior to 1.4.1, which stems from a client SDK that does not validate the UUID and can accept any value reported by the server, which can be exploited ...

5.9CVSS5.5AI score0.00119EPSS

Exploits0References1

NVD•added 2022/11/23 6:15 p.m.•11 views

CVE-2022-36111

5.4CVSS0.00126EPSS

Exploits1References4

Prion•added 2022/11/23 6:15 p.m.•5 views

Code injection

2.6CVSS5.1AI score0.00126EPSS

Exploits1References4Affected Software1

CVE•added 2022/11/23 12:0 a.m.•62 views

CVE-2022-36111

CVE-2022-36111 affects immudb client SDKs, not the server. In versions prior to 1.4.1, a malicious immudb server can provide a falsified proof that the client accepts, signing a falsified transaction and replacing the genuine one. The attacker must prompt the client to perform a specific sequence...

5.4CVSS5.1AI score0.00126EPSS

Exploits1References4Affected Software1

Cvelist•added 2022/11/23 12:0 a.m.•12 views

CVE-2022-36111 immundb has insufficient verification of data authenticity

5.4CVSS5.6AI score0.00126EPSS

Exploits1References4

OSV•added 2022/11/23 12:0 a.m.•11 views

CVE-2022-36111 immundb has insufficient verification of data authenticity

5.4CVSS5.3AI score0.00126EPSS

Exploits1References6

Vulnrichment•added 2022/11/23 12:0 a.m.•5 views

CVE-2022-36111 immundb has insufficient verification of data authenticity

5.4CVSS6.9AI score0.00126EPSS

Exploits1References4

NVD•added 2022/11/22 8:15 p.m.•9 views

CVE-2022-39199

5.9CVSS0.00119EPSS

Exploits0References2

Prion•added 2022/11/22 8:15 p.m.•7 views

Design/Logic Flaw

2.6CVSS5.6AI score0.00119EPSS

Exploits0References2Affected Software1

Cvelist•added 2022/11/22 12:0 a.m.•11 views

CVE-2022-39199 Lack of proper validation in immudb

5.8CVSS5.9AI score0.00119EPSS

Exploits0References2

CVE•added 2022/11/22 12:0 a.m.•66 views

CVE-2022-39199

The CVE-2022-39199 issue affects immudb where client SDKs do not validate the server UUID, allowing a malicious server to report a UUID that makes the client treat the server as a different instance and retain an unrelated state. This is described across multiple sources in the connected document...

5.9CVSS5.5AI score0.00119EPSS

Exploits0References2Affected Software1

OSV•added 2022/11/22 12:0 a.m.•10 views

CVE-2022-39199 Lack of proper validation in immudb

5.8CVSS5.7AI score0.00119EPSS

Exploits0References4

Vulnrichment•added 2022/11/22 12:0 a.m.•7 views

CVE-2022-39199 Lack of proper validation in immudb

5.8CVSS5.7AI score0.00119EPSS

Exploits0References2