46 matches found

EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2021-0784

Malware in sbrugna...

CVSS 4 | AI score 4 | EPSS 0.00306
Exploits 0 | References 6

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2016-9065

Malware in sbrugna...

CVSS 4.3 | AI score 4.9 | EPSS 0.01494
Exploits 0 | References 4

EUVD
added 2025/10/03 8:7 p.m. | 18 views

EUVD-2024-45992

Malicious code in bioql PyPI...

CVSS 6.3 | AI score 6.4 | EPSS 0.00531
Exploits 0 | References 2

EUVD
added 2025/10/03 8:7 p.m. | 7 views

EUVD-2022-7090

Malicious code in bioql PyPI...

CVSS 5.3 | AI score 5.5 | EPSS 0.00655
Exploits 0 | References 5

EUVD
added 2025/10/03 8:7 p.m. | 7 views

EUVD-2023-2500

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 7.4 | EPSS 0.00676
Exploits 0 | References 5

EUVD
added 2025/10/03 8:7 p.m. | 8 views

EUVD-2023-2695

Malicious code in bioql PyPI...

CVSS 5.3 | AI score 5.5 | EPSS 0.00557
Exploits 0 | References 4

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2024-0341

Malicious code in bioql PyPI...

CVSS 5.3 | AI score 5.5 | EPSS 0.005
Exploits 0 | References 5

EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2022-0587

Malicious code in bioql PyPI...

CVSS 5.3 | AI score 5.5 | EPSS 0.01121
Exploits 0 | References 6

RedhatCVE
added 2025/05/23 9:42 a.m. | 7 views

CVE-2024-23903

Jenkins GitLab Branch Source Plugin 684.veafa7c1e2fe3 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token are equal, potentially allowing attackers to use statistical methods to obtain a valid webhook token...

CVSS 5.3 | AI score 6.4 | EPSS 0.005
Exploits 0 | References 1

RedhatCVE
added 2025/05/23 4:18 a.m. | 9 views

CVE-2023-41935

Jenkins Azure AD Plugin 396.v86ce29279947 and earlier, except 378.380.v545b1154b3fb, uses a non-constant time comparison function when checking whether the provided and expected CSRF protection nonce are equal, potentially allowing attackers to use statistical methods to obtain a valid nonce...

CVSS 7.5 | AI score 6.6 | EPSS 0.00676
Exploits 0

RedhatCVE
added 2025/05/23 12:5 a.m. | 12 views

CVE-2022-43411

Jenkins GitLab Plugin 1.5.35 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token are equal, potentially allowing attackers to use statistical methods to obtain a valid webhook token...

CVSS 5.3 | AI score 6.4 | EPSS 0.00655
Exploits 0 | References 1

Veracode
added 2025/01/31 5:13 a.m. | 14 views

Signature Forgery Attack

org.apache.hive, hive-llap-common is vulnerable to signature forgery attack. The vulnerability is due to the use of Arrays.equals for signature validation, which allows an attacker to forge a valid signature byte by byte due to its non-constant-time comparison...

CVSS 6.5 | AI score 6.4 | EPSS 0.01131
Exploits 1 | References 8 | Affected Software 1

NVD
added 2024/11/21 6:15 p.m. | 22 views

CVE-2024-52307

authentik is an open-source identity provider. Due to the usage of a non-constant time comparison for the /-/metrics/ endpoint it was possible to brute-force the SECRETKEY, which is used to authenticate the endpoint. The /-/metrics/ endpoint returns Prometheus metrics and is not intended to be...

CVSS 6.3 | EPSS 0.00531
Exploits 0 | References 3

OSV
added 2024/10/10 10:3 p.m. | 9 views

GHSA-J757-PF57-F8R4 Gradio performs a non-constant-time comparison when comparing hashes

Impact What kind of vulnerability is it? Who is impacted? This vulnerability involves a timing attack in the way Gradio compares hashes for the analyticsdashboard function. Since the comparison is not done in constant time, an attacker could exploit this by measuring the response time of differen...

CVSS 6.3 | AI score 3.8 | EPSS 0.00285
Exploits 0 | References 4

NVD
added 2024/07/22 3:15 p.m. | 24 views

CVE-2024-41828

In JetBrains TeamCity before 2024.07 comparison of authorization tokens took non-constant time...

CVSS 6.5 | EPSS 0.00283
Exploits 0 | References 1

Vulnrichment
added 2024/01/24 5:52 p.m. | 15 views

CVE-2024-23903

Jenkins GitLab Branch Source Plugin 684.veafa7c1e2fe3 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token are equal, potentially allowing attackers to use statistical methods to obtain a valid webhook token...

AI score 6.4 | EPSS 0.005
Exploits 0 | References 2

OSV
added 2023/10/25 6:17 p.m. | 18 views

CVE-2023-46658

Jenkins MSTeams Webhook Trigger Plugin 0.1.1 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token are equal, potentially allowing attackers to use statistical methods to obtain a valid webhook token...

CVSS 5.3 | AI score 6.9
Exploits 0 | References 2

Prion
added 2023/10/25 6:17 p.m. | 23 views

Information disclosure

Jenkins Gogs Plugin 1.0.15 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token are equal, potentially allowing attackers to use statistical methods to obtain a valid webhook token...

CVSS 5 | AI score 5.1 | EPSS 0.00569
Exploits 0 | References 2 | Affected Software 1

Cvelist
added 2023/10/25 1:45 p.m. | 22 views

CVE-2023-46660

Jenkins Zanata Plugin 0.6 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token hashes are equal, potentially allowing attackers to use statistical methods to obtain a valid webhook token...

AI score 5.9 | EPSS 0.00462
Exploits 0 | References 2

Cvelist
added 2023/10/25 1:45 p.m. | 27 views

CVE-2023-46658

Jenkins MSTeams Webhook Trigger Plugin 0.1.1 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token are equal, potentially allowing attackers to use statistical methods to obtain a valid webhook token...

AI score 5.9 | EPSS 0.00569
Exploits 0 | References 2