Lucene search
K

55 matches found

RedhatCVE
RedhatCVE
added 2026/06/29 9:41 a.m.6 views

CVE-2026-53302

A flaw was found in the Linux kernel's cryptographic module, specifically within the EIP93 hardware accelerator driver. An error in how the system allocates resources for HMAC Keyed-Hash Message Authentication Code operations can lead to a critical system failure. When certain cryptographic...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.7 views

PT-2026-52604

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An issue exists in the EVP DigestVerifyFinal function where a zero-length tag could be accepted as valid during HMAC Hash-based Message Authentication Code...

7.5CVSS5.7AI score0.00147EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/06/09 11:47 p.m.37 views

CVE-2026-46545 nimiq-primitives: Panic DoS in trie chunk processing via ROOT-keyed item

Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.5.0, a remote, unauthenticated denial-of-service vulnerability in MerkleRadixTrie::putchunk allows any state-sync peer to crash any node performing state...

7.5CVSS0.00339EPSS
Exploits0References3
CVE
CVE
added 2026/06/09 11:47 p.m.24 views

CVE-2026-46545

Summary: CVE-2026-46545 affects the Nimiq core-rs-albatross project (MerkleRadixTrie::put_chunk) and causes a remote, unauthenticated denial-of-service by a malicious state-sync peer sending a ROOT-keyed item in a ResponseChunk; upon put_raw attempting to store at the root, it panics with RootCan...

7.5CVSS5.4AI score0.00339EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/09 11:47 p.m.9 views

CVE-2026-46545 nimiq-primitives: Panic DoS in trie chunk processing via ROOT-keyed item

Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.5.0, a remote, unauthenticated denial-of-service vulnerability in MerkleRadixTrie::putchunk allows any state-sync peer to crash any node performing state...

7.5CVSS5.2AI score0.00339EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/08 3:25 p.m.7 views

CVE-2026-46444

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, all CRUD endpoints for OpenAI Assistants Vector Store have no authentication middleware and the route path /api/v1/openai-assistants-vector-store is not in WHITELISTURLS. However, it i...

8.7CVSS5.5AI score0.00327EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/05/19 8:3 p.m.7 views

GHSA-G8WJ-3CR3-6W7V Nuxt: `__nuxt_island` endpoint does not bind responses to request props, enabling shared-cache poisoning

Summary The /nuxtisland/ endpoint accepts attacker-controlled props query/body parameters and renders any island component without verifying that the URL-resident hash .json was actually issued for those inputs by . The hash is computed and embedded client-side but never validated server-side, so...

2.3CVSS6AI score0.00091EPSS
Exploits0References4
Fedora
Fedora
added 2026/03/27 1:18 a.m.6 views

[SECURITY] Fedora 43 Update: fontforge-20230101-20.fc43

FontForge former PfaEdit is a font editor for outline and bitmap fonts. It supports a range of font formats, including PostScript ASCII and binary Type 1, some Type 3 and Type 0, TrueType, OpenType Type2 and CID-keyed fonts...

8.8CVSS7.2AI score0.00581EPSS
Exploits0
Fedora
Fedora
added 2026/03/27 12:50 a.m.5 views

[SECURITY] Fedora 42 Update: fontforge-20230101-19.fc42

FontForge former PfaEdit is a font editor for outline and bitmap fonts. It supports a range of font formats, including PostScript ASCII and binary Type 1, some Type 3 and Type 0, TrueType, OpenType Type2 and CID-keyed fonts...

8.8CVSS7.2AI score0.00581EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/03/25 1:31 p.m.5 views

CVE-2026-3119

Under certain conditions, named may crash when processing a correctly signed query containing a TKEY record. The affected code can only be reached if an incoming request has a valid transaction signature TSIG from a key declared in the named configuration. This issue affects BIND 9 versions 9.20....

6.5CVSS5.9AI score0.00576EPSS
Exploits0
Snyk
Snyk
added 2026/03/25 1:54 a.m.1 views

Malicious Package

Overview @rexxtheproject/keyed-db is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS5.8AI score
Exploits0References2
OSV
OSV
added 2026/03/25 1:54 a.m.8 views

MAL-2026-2165 Malicious code in @rexxtheproject/keyed-db (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa8d0778ab610c5b6e2320997c2427bf9e6295b93fe16ae478096953c1de9b34 The package @rexxtheproject/keyed-db was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/25 1:54 a.m.9 views

Malicious code in @rexxtheproject/keyed-db (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa8d0778ab610c5b6e2320997c2427bf9e6295b93fe16ae478096953c1de9b34 The package @rexxtheproject/keyed-db was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References1
Fedora
Fedora
added 2025/11/06 2:23 a.m.6 views

[SECURITY] Fedora 42 Update: fontforge-20230101-17.fc42

FontForge former PfaEdit is a font editor for outline and bitmap fonts. It supports a range of font formats, including PostScript ASCII and binary Type 1, some Type 3 and Type 0, TrueType, OpenType Type2 and CID-keyed fonts...

6.5CVSS7AI score0.00239EPSS
Exploits0
Circl
Circl
added 2025/09/26 5:0 a.m.4 views

CVE-2017-5378

creationtimestamp| type| source ---|---|--- 2025-09-26 05:00:00+00:00| seen| https://projectzero.google/2025/09/pointer-leaks-through-pointer-keyed.html 2025-09-26 15:00:00+00:00| seen| https://googleprojectzero.blogspot.com/2025/09/pointer-leaks-through-pointer-keyed.html...

7.5CVSS8.6AI score0.03371EPSS
Exploits1References2
Circl
Circl
added 2025/09/26 5:0 a.m.4 views

CVE-2016-9904

creationtimestamp| type| source ---|---|--- 2025-09-26 05:00:00+00:00| seen| https://projectzero.google/2025/09/pointer-leaks-through-pointer-keyed.html 2025-09-26 15:00:00+00:00| seen| https://googleprojectzero.blogspot.com/2025/09/pointer-leaks-through-pointer-keyed.html...

7.5CVSS8.8AI score0.02753EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.1 views

Malicious code in test-mlw2-keyed-egers (npm)

The package test-mlw2-keyed-egers was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.1 views

MAL-2025-35617 Malicious code in test-mlw2-keyed-egers (npm)

The package test-mlw2-keyed-egers was found to contain malicious code...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/30 12:0 a.m.4 views

Malleability-Resistant Encrypted Control System with Disturbance Compensation and Real-Time Attack Detection

This study proposes an encrypted PID control system with a disturbance observer DOB using a keyed-homomorphic encryption KHE scheme, aiming to achieve control performance while providing resistance to malleability-based attacks. The controller integrates a DOB with a PID structure to compensate f...

6.9AI score
Exploits0
OSV
OSV
added 2024/06/06 6:15 a.m.2 views

DEBIAN-CVE-2024-3049

A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to gcrymdgetalgodlen, it may allow an invalid HMAC to be accepted by the Booth server...

5.9CVSS5.7AI score0.00535EPSS
Exploits0References1
Rows per page
Query Builder