48712 matches found

CVE
added 2026/06/26 3:53 p.m. | 24 views

CVE-2023-20572

CVE-2023-20572 describes a timing discrepancy in the ASP that could enable a local attacker to brute-force the hash message authentication code, risking data integrity. The connected AMD bulletin AMD-SB-4012 references potential vulnerabilities on AMD Client Processor platforms affecting ASP and ...

CVSS 5.6 | AI score 5.9 | EPSS 0.00114
Exploits: 0 | References: 1
RedhatCVE
added 2026/06/26 3:50 p.m. | 7 views

CVE-2026-53038

A flaw was found in the Linux kernel's Integrity Measurement Architecture (IMA) subsystem. When handling unsupported Trusted Platform Module (TPM) hash algorithms, the imafs component incorrectly accesses a hash algorithm name array, leading to a read out-of-bounds. This vulnerability could allow a...

CVSS 5.5 | AI score 5.7 | EPSS 0.00168
Exploits: 0 | References: 4
CVE
added 2026/06/26 3:44 p.m. | 19 views

CVE-2023-20540

CVE-2023-20540 describes a timing discrepancy in the AMD Secure Processor (ASP) that could enable a privileged attacker to brute-force the hash-based MAC, potentially compromising data integrity. Affected component: AMD Secure Processor / ASP in AMD client/server platforms using ASP. Root cause: ...

CVSS 1.8 | AI score 5.9 | EPSS 0.00114
Exploits: 0 | References: 1
EUVD
added 2026/06/26 3:44 p.m. | 4 views

EUVD-2023-60597

An observable timing discrepancy in the ASP could allow a privileged attacker to perform a brute-force attack against the hash message authentication code, allowing arbitrary message input, potentially leading to a loss of data integrity...

CVSS 1.8 | AI score 5.9 | EPSS 0.00114
Exploits: 0 | References: 1
EUVD
added 2026/06/26 12:32 a.m. | 5 views

EUVD-2026-39571

PKCS12 MAC verification uses an attacker-controlled comparison length, weakening the integrity check on the MAC and allowing a mismatched MAC to be accepted. The PKCS12 verify path compared the locally computed HMAC against the MAC parsed from the PKCS12 structure using a length taken directly fr...

CVSS 6 | AI score 5.9 | EPSS 0.0016
Exploits: 0 | References: 3
RedhatCVE
added 2026/06/26 12:8 a.m. | 4 views

CVE-2026-10804

A flaw was found in Streamlit, within its Palette Handler component. This vulnerability stems from the use of a weak hashing algorithm. A local attacker could exploit this flaw, though it requires a high level of technical complexity. Successful exploitation may lead to a low impact on the...

CVSS 4.7 | AI score 5.8 | EPSS 0.00083
Exploits: 0 | References: 10
RedhatCVE
added 2026/06/26 12:4 a.m. | 6 views

CVE-2026-53057

A flaw was found in the Linux kernel, specifically within the Input/Output Memory Management Unit (IOMMU) for RISC-V architectures. This vulnerability occurs because the system does not properly clear out old memory translation information, known as Translation Lookaside Buffer (TLB) and context cach...

CVSS 8.8 | AI score 5.9 | EPSS 0.00127
Exploits: 0 | References: 4
Positive Technologies
added 2026/06/26 12:0 a.m. | 7 views

PT-2026-52991

Name of the Vulnerable Software and Affected Versions: H.View HV-500S6 IP Camera (affected versions not specified). Description: Certificate-related upload interfaces allow authenticated users to store arbitrary file content in fixed, persistent filesystem locations. The system fails to validate the...

CVSS 8.6 | AI score 5.9 | EPSS 0.004
Exploits: 0 | References: 7
OSV
added 2026/06/25 10:17 p.m. | 2 views

DEBIAN-CVE-2026-6329

PKCS12 MAC verification uses an attacker-controlled comparison length, weakening the integrity check on the MAC and allowing a mismatched MAC to be accepted. The PKCS12 verify path compared the locally computed HMAC against the MAC parsed from the PKCS12 structure using a length taken directly fr...

CVSS 6.5 | AI score 5.8 | EPSS 0.0016
Exploits: 0 | References: 1
NVD
added 2026/06/25 10:17 p.m. | 6 views

CVE-2026-6329

PKCS12 MAC verification uses an attacker-controlled comparison length, weakening the integrity check on the MAC and allowing a mismatched MAC to be accepted. The PKCS12 verify path compared the locally computed HMAC against the MAC parsed from the PKCS12 structure using a length taken directly fr...

CVSS 6.5 | EPSS 0.0016
Exploits: 0 | References: 2
Debian CVE
added 2026/06/25 9:2 p.m. | 4 views

CVE-2026-6329

PKCS12 MAC verification uses an attacker-controlled comparison length, weakening the integrity check on the MAC and allowing a mismatched MAC to be accepted. The PKCS12 verify path compared the locally computed HMAC against the MAC parsed from the PKCS12 structure using a length taken directly fr...

CVSS 6.5 | AI score 5.8 | EPSS 0.0016
Exploits: 0
CVE
added 2026/06/25 9:2 p.m. | 14 views

CVE-2026-6329

CVE-2026-6329 describes a vulnerability in PKCS#12 MAC verification in wolfSSL where the verification uses an attacker-controlled comparison length. The PKCS#12 verify path compares the locally computed HMAC against the MAC parsed from the PKCS#12 structure using a length taken directly from atta...

CVSS 6.5 | AI score 5.9 | EPSS 0.0016
Exploits: 0 | References: 2 | Affected Software: 1
Cvelist
added 2026/06/25 9:2 p.m. | 26 views

CVE-2026-6329 PKCS#12 MAC verification uses attacker-controlled comparison length

PKCS12 MAC verification uses an attacker-controlled comparison length, weakening the integrity check on the MAC and allowing a mismatched MAC to be accepted. The PKCS12 verify path compared the locally computed HMAC against the MAC parsed from the PKCS12 structure using a length taken directly fr...

CVSS 6 | EPSS 0.0016
Exploits: 0 | References: 2
NVD
added 2026/06/25 6:16 p.m. | 8 views

CVE-2026-50021

pnpm is a package manager. Prior to 10.34.0 and 11.4.0, pnpm's tarball extraction worker skips integrity verification when the integrity field is absent from the lockfile resolution. If an attacker can both modify pnpm-lock.yaml to remove the integrity: field and cause the referenced registry URL...

CVSS 8.1 | EPSS 0.00126
Exploits: 1 | References: 1
NVD
added 2026/06/25 6:16 p.m. | 8 views

CVE-2026-50573

pnpm is a package manager. Prior to 10.34.0 and 11.4.0, pnpm install in non-frozen mode can accept new remote package content after detecting that the downloaded tarball does not match the integrity recorded in pnpm-lock.yaml. When a package is already locked with an integrity value, and the...

CVSS 8.1 | EPSS 0.00113
Exploits: 1 | References: 1
RedHat Linux
added 2026/06/25 5:36 p.m. | 5 views

keycloak: Keycloak: Attacker can re-enable and take over disabled clients via Registration Access Token

A flaw was found in Keycloak's client registration service. A remote attacker, possessing a previously issued Registration Access Token (RAT), could exploit this vulnerability to re-enable a client that an administrator had explicitly disabled. This bypasses security controls, allowing the attacker...

CVSS 6.5 | AI score 5.8 | EPSS 0.00267
Exploits: 0 | References: 4
NVD
added 2026/06/25 5:17 p.m. | 9 views

CVE-2026-9705

A flaw was found in Keycloak's client registration service. A remote attacker, possessing a previously issued Registration Access Token (RAT), could exploit this vulnerability to re-enable a client that an administrator had explicitly disabled. This bypasses security controls, allowing the attacker...

CVSS 6.5 | EPSS 0.00267
Exploits: 0 | References: 6
RedhatCVE
added 2026/06/25 5:2 p.m. | 6 views

CVE-2026-57062

A flaw in GnuPG's gpgsm component improperly handles the Cryptographic Message Syntax (CMS) format for AES-GCM. By accepting an authentication tag length of 4 bytes instead of the required 12 bytes, this vulnerability allows for a low-impact data integrity issue where the cryptographic validity of...

CVSS 2.9 | AI score 5.7 | EPSS 0.0011
Exploits: 0 | References: 5
Cvelist
added 2026/06/25 4:50 p.m. | 28 views

CVE-2026-50573 pnpm: Unsafe default behavior breaks integrity check

pnpm is a package manager. Prior to 10.34.0 and 11.4.0, pnpm install in non-frozen mode can accept new remote package content after detecting that the downloaded tarball does not match the integrity recorded in pnpm-lock.yaml. When a package is already locked with an integrity value, and the...

CVSS 6.8 | EPSS 0.00113
Exploits: 1 | References: 1
CVE
added 2026/06/25 4:50 p.m. | 13 views

CVE-2026-50573

Summary: CVE-2026-50573 affects pnpm prior to 10.34.0 and 11.4.0. In non-frozen mode, when a locked package’s integrity conflicts with later registry content, pnpm may report an integrity mismatch but then perform a resolution repair, update the lockfile with the registry’s new integrity, and ins...

CVSS 8.1 | AI score 5.9 | EPSS 0.00113
Exploits: 1 | References: 1 | Affected Software: 1