Lucene search
K

333 matches found

Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.5 views

TencentOS Server 4: libreoffice (TSSA-2025:0360)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0360 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

5.5CVSS5.3AI score0.00096EPSS
Exploits0References2
Veracode
Veracode
added 2025/11/18 10:53 a.m.6 views

Improper Verification Of Cryptographic Signature

Apache Spark is vulnerable to Improper Verification of Cryptographic Signature. The vulnerability is due to the use of an unauthenticated default encryption cipher AES/CTR/NoPadding for RPC communication when spark.network.crypto.enabled is true and no cipher is explicitly configured, which allow...

6.5CVSS7AI score0.00223EPSS
Exploits0References6Affected Software2
CNNVD
CNNVD
added 2025/11/18 12:0 a.m.5 views

WordPress plugin wModes 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

4.3CVSS6.6AI score0.00227EPSS
Exploits0References6
Snyk
Snyk
added 2025/11/12 8:45 p.m.1 views

Improper Verification of Cryptographic Signature

Overview Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature via incomplete validation of attestation documents in the attestation verification process. An attacker can cause clients to trust enclaves that do not meet expected integrity guarantees ...

9.3CVSS6.5AI score0.00124EPSS
Exploits1References2
OSV
OSV
added 2025/10/30 3:2 p.m.9 views

GO-2025-4028 go-witness is Vulnerable to Improper Verification of AWS EC2 Identity Documents in github.com/in-toto/go-witness

go-witness is Vulnerable to Improper Verification of AWS EC2 Identity Documents in github.com/in-toto/go-witness...

6.9CVSS6.9AI score0.00186EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/10/29 12:0 a.m.3 views

Siemens SIMATIC Devices Improper Verification of Cryptographic Signature (CVE-2024-0567)

A vulnerability was found in GnuTLS, where a cockpit which uses gnuTLS rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate- ensure. This flaw allows an unauthenticated, remote client or attacker to initiate a denial of...

7.5CVSS6.5AI score0.01408EPSS
Exploits1References3
Snyk
Snyk
added 2025/10/27 7:43 p.m.2 views

Improper Verification of Cryptographic Signature

Overview Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to unsafe handling of null keyslot algorithms in the cryptactivatebypassphrase function. An attacker can gain unauthorized access to unencrypted persistent storage by exploiting the...

8.3CVSS7AI score0.00105EPSS
Exploits0References2
CISA KEV Catalog
CISA KEV Catalog
added 2025/10/22 12:0 a.m.8 views

Motex LANSCOPE Endpoint Manager Improper Verification of Source of a Communication Channel Vulnerability

Motex LANSCOPE Endpoint Manager contains an improper verification of source of a communication channel vulnerability allowing an attacker to execute arbitrary code by sending specially crafted packets...

9.8CVSS7.8AI score0.02689EPSS
In wildExploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/10/20 7:17 a.m.3 views

Lanscope Endpoint Manager (On-Premises) vulnerable to improper verification of source of a communication channel

Overview Lanscope Endpoint Manager On-Premises provided by MOTEX Inc. contains the following vulnerability. Improper verification of source of a communication channel CWE-940 - CVE-2025-61932 MOTEX Inc. reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and...

9.8CVSS7.4AI score0.02689EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2025/10/15 8:12 p.m.8 views

go-witness is Vulnerable to Improper Verification of AWS EC2 Identity Documents

Impact This vulnerability only affects users of the AWS attestor. Users of the AWS attestor could have unknowingly received a forged identity document. While this may seem unlikely, AWS recently issued a security bulletin about IMDS Instance Metadata Service impersonation.^1 There are multiple...

6.9CVSS6.9AI score0.00186EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2025/10/15 7:23 p.m.10 views

CVE-2025-62375 go-witness Improper Verification of AWS EC2 Identity Documents

go-witness and witness are Go modules for generating attestations. In go-witness versions 0.8.6 and earlier and witness versions 0.9.2 and earlier the AWS attestor improperly verifies AWS EC2 instance identity documents. Verification can incorrectly succeed when a signature is not present or is...

6.9CVSS0.00186EPSS
Exploits0References2
CVE
CVE
added 2025/10/15 7:23 p.m.17 views

CVE-2025-62375

The CVE describes an improper verification in the AWS attestor used by go-witness and witness. In affected versions, the attestor can accept forged AWS EC2 instance identity documents when a signature is absent/empty or RSA verification fails, and it relies on a legacy global AWS certificate inst...

6.9CVSS6.2AI score0.00186EPSS
Exploits0References2
Snyk
Snyk
added 2025/10/15 7:46 a.m.2 views

Improper Verification of Cryptographic Signature

Overview Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature when the spark.network.crypto.enabled is true and the cipher is not explicitly configured, resulting in the use of AES in CTR mode without authentication. An attacker can compromise the...

9CVSS6.9AI score0.00223EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2017-11341

Malware in sbrugna...

4.3CVSS4.2AI score0.00634EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-23572

Malware in sbrugna...

5.3CVSS5.5AI score0.00541EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.12 views

EUVD-2020-0226

Malware in sbrugna...

9.8CVSS9AI score0.00979EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-23618

Malware in sbrugna...

9.1CVSS9.2AI score0.00741EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-23617

Malware in sbrugna...

9.1CVSS9.2AI score0.00741EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-23574

Malware in sbrugna...

5.3CVSS5.5AI score0.00541EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-26509

Malicious code in bioql PyPI...

5.1CVSS6.5AI score0.00101EPSS
Exploits0References1
Rows per page
Query Builder