Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2016-6374

Malware in sbrugna...

4.3CVSS4.8AI score0.00325EPSS
Exploits0References4
CNVD
CNVDadded 2016/09/05 12:0 a.m.0 views

Jose-php Information Disclosure Vulnerability

jose-php is suitable for PHP JSON object signature and encryption library . A security vulnerability exists in versions of jose-php before 2.2.1, due to the lack of a random padding mechanism in the implementation of the RSA 1.5 algorithm in the JWE.php/JOSEJWE class. A remote attacker can obtain...

5.3CVSS7AI score0.00274EPSS
Exploits0References1
CNVD
CNVDadded 2016/09/05 12:0 a.m.0 views

jose-php information disclosure vulnerability (CNVD-2016-07257)

jose-php is suitable for PHP JSON object signature and encryption library . A security vulnerability exists in versions of jose-php prior to 2.2.1, due to the non-use of constant time for HMAC comparisons. Remote attackers can obtain sensitive information by timing attacks...

4.3CVSS6.6AI score0.00325EPSS
Exploits0References1
NVD
NVDadded 2016/09/03 8:59 p.m.9 views

CVE-2016-5430

The RSA 1.5 algorithm implementation in the JOSEJWE class in JWE.php in jose-php before 2.2.1 lacks the Random Filling protection mechanism, which makes it easier for remote attackers to obtain cleartext data via a Million Message Attack MMA...

5.3CVSS5.1AI score0.00274EPSS
Exploits0References2
NVD
NVDadded 2016/09/03 8:59 p.m.10 views

CVE-2016-5429

jose-php before 2.2.1 does not use constant-time operations for HMAC comparison, which makes it easier for remote attackers to obtain sensitive information via a timing attack, related to JWE.php and JWS.php...

4.3CVSS4AI score0.00325EPSS
Exploits0References3
OSV
OSVadded 2016/09/03 8:59 p.m.7 views

CVE-2016-5429

jose-php before 2.2.1 does not use constant-time operations for HMAC comparison, which makes it easier for remote attackers to obtain sensitive information via a timing attack, related to JWE.php and JWS.php...

3.7CVSS6.4AI score
Exploits0References3
Prion
Prionadded 2016/09/03 8:59 p.m.11 views

Information disclosure

jose-php before 2.2.1 does not use constant-time operations for HMAC comparison, which makes it easier for remote attackers to obtain sensitive information via a timing attack, related to JWE.php and JWS.php...

4.3CVSS6.6AI score0.00325EPSS
Exploits0References3Affected Software1
Cvelist
Cvelistadded 2016/09/03 8:0 p.m.17 views

CVE-2016-5429

jose-php before 2.2.1 does not use constant-time operations for HMAC comparison, which makes it easier for remote attackers to obtain sensitive information via a timing attack, related to JWE.php and JWS.php...

3.9AI score0.00325EPSS
Exploits0References3
CVE
CVEadded 2016/09/03 8:0 p.m.34 views

CVE-2016-5430

The CVE-2016-5430 entry affects jose-php prior to 2.2.1, where the RSA-1.5 implementation in JOSE_JWE/JWE.php lacks a Random Filling protection mechanism. This omission enables a remote attacker to obtain plaintext data via a Million Message Attack (MMA). Affected component: jose-php’s JWE.php wi...

5.3CVSS5.1AI score0.00274EPSS
Exploits0References2Affected Software1
CVE
CVEadded 2016/09/03 8:0 p.m.49 views

CVE-2016-5429

CVE-2016-5429 concerns the jose-php library prior to 2.2.1, where non-constant-time HMAC comparisons in the implementation (notably in JWE.php and JWS.php) can enable remote attackers to glean sensitive data via timing attacks. Public sources consistently state that the vulnerability enables info...

4.3CVSS4.1AI score0.00325EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder