
11 matches found

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2016-7921

Malware in sbrugna...

CVSS 7.5, AI score 7.6, EPSS 0.00724
Exploits 0, References 4
FreeBSD
added 2024/01/09 12:0 a.m., 36 views

chromium -- security fix

Chrome Releases reports: This update includes 1 security fix: 1513379 High CVE-2024-0333: Insufficient data validation in Extensions. Reported by Malcolm Stagg @malcolmst of SODIUM-24, LLC on 2023-12-20...

CVSS 5.3, AI score 7.5, EPSS 0.00429
Exploits 0, References 1
Openbugbounty
added 2023/11/14 12:11 p.m., 6 views

malcolmarmstrong.ca Cross Site Scripting vulnerability OBB-3780660

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

AI score 6.1
Exploits 0
Kitploit
added 2022/03/18 8:30 p.m., 20 views

S1EM - This Project Is A SIEM With SIRP And Threat Intel, All In One

Today, cyber attacks are more numerous and cause damage in companies. Nevertheless, many software products exist to detect cyber threats. The S1EM solution is based on the principle of bringing together the best products in their field, free of charge, and making them quickly interoperable. S1EM ...

AI score 7.4
Exploits 0, References 34
Veracode
added 2017/07/25 10:24 p.m., 11 views

Timing Attacks

Malcolm Fell jwt is vulnerable to timing attacks. The library does not compare hashes in constant time, which allows malicious users to use the timing of the request to progressively identify a valid hash...

CVSS 7.5, AI score 7.3, EPSS 0.00724
Exploits 0, References 1, Affected Software 1
Schneier on Security
added 2017/06/15 11:52 a.m., 20 views

Millennials and Secret Leaking

I hesitate to blog this, because it's an example of everything that's wrong with pop psychology. Malcolm Harris writes about millennials, and has a theory of why millennials leak secrets. My guess is that you could write a similar essay about every named generation, every age group, and so on...

AI score 6.9
Exploits 0
OSV
added 2017/01/23 9:59 p.m., 14 views

CVE-2016-7037

The verify function in Encryption/Symmetric.php in Malcolm Fell jwt before 1.0.3 does not use a timing-safe function for hash comparison, which allows attackers to spoof signatures via a timing attack...

CVSS 7.5, AI score 6.7
Exploits 0, References 3
Prion
added 2017/01/23 9:59 p.m., 9 views

Design/Logic Flaw

The verify function in Encryption/Symmetric.php in Malcolm Fell jwt before 1.0.3 does not use a timing-safe function for hash comparison, which allows attackers to spoof signatures via a timing attack...

CVSS 5, AI score 6.9, EPSS 0.00724
Exploits 0, References 3, Affected Software 1
CVE
added 2017/01/23 9:0 p.m., 48 views

CVE-2016-7037

The CVE concerns Malcolm Fell jwt (before 1.0.3). The verify function in Encryption/Symmetric.php does not use a timing-safe hash comparison, allowing an attacker to spoof signatures via timing attacks. Impact is signature forgery; remediation is upgrading to version 1.0.3 or later (as per refere...

CVSS 7.5, AI score 7.3, EPSS 0.00724
Exploits 0, References 3, Affected Software 1
Cvelist
added 2017/01/23 9:0 p.m., 23 views

CVE-2016-7037

The verify function in Encryption/Symmetric.php in Malcolm Fell jwt before 1.0.3 does not use a timing-safe function for hash comparison, which allows attackers to spoof signatures via a timing attack...

AI score 7.4, EPSS 0.00724
Exploits 0, References 3
OSV
added 2013/03/01 12:0 a.m., 27 views

DSA-2635-1 cfingerd - buffer overflow

Bulletin has no description...

CVSS 10, AI score 6.1, EPSS 0.03125
Exploits 0