7 matches found

AstraLinux | added 2026/05/20 5:53 a.m. | 4 views

Astra Linux - vulnerability in thunderbird

When importing a revoked key with “key compromise” as the revocation reason, Thunderbird did not update the existing copy of the key that was not yet revoked. As a result, the existing key remained unrevoked. Revocation statements that used another revocation reason, or those that did not specify...

CVSS 5.4 | AI score 6.4 | EPSS 0.00373 | Exploits 0 | References 1
OSV | added 2025/10/15 8:44 a.m. | 3 views

BIT-MASTODON-2025-62174 Mastodon allows continued access after password reset via CLI

Mastodon is a free, open-source social network server based on ActivityPub. In Mastodon before 4.4.6, 4.3.14, and 4.2.27, when an administrator resets a user account's password via the command-line interface using bin/tootctl accounts modify --reset-password, active sessions and access tokens for...

CVSS 3.5 | AI score 6.9 | EPSS 0.00193 | Exploits 0 | References 3
OSV | added 2024/09/11 10:15 a.m. | 3 views

AZL-49132 CVE-2024-8096 affecting package mysql for versions less than 8.0.36-1

When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it might fail to detect some OCSP problems and instead wrongly consider the response as fine. If the returned status reports another error tha...

CVSS 6.5 | AI score 5.8 | EPSS 0.00729 | Exploits 1 | References 1
CNNVD | added 2024/01/16 12:0 a.m. | 3 views

Hyperledger Ursa Encryption Issue Vulnerability

Hyperledger Ursa is a Hyperledger open source cryptographic library for use with the blockchain. A cryptographic issue vulnerability exists in Hyperledger Ursa version 0.1.0 that stems from allowing a malicious holder of revoked credentials to generate a valid, non-revoked proof for that credenti...

CVSS 8.1 | AI score 6.8 | EPSS 0.00276 | Exploits 0 | References 2
OSV | added 2022/12/22 8:15 p.m. | 1 views

DEBIAN-CVE-2022-1197

When importing a revoked key that specified key compromise as the revocation reason, Thunderbird did not update the existing copy of the key that was not yet revoked, and the existing key was kept as non-revoked. Revocation statements that used another revocation reason, or that didn't specify a...

CVSS 5.4 | AI score 6.2 | EPSS 0.00373 | Exploits 0 | References 1
Hacker One | added 2022/09/23 1:7 p.m. | 16 views

Stripo Inc: Non-revoked API Key Disclosure in a Disclosed API Key Disclosure Report on Stripo

A previously disclosed vulnerability regarding API key disclosure in Stripo was reported as resolved...

AI score 7 | Exploits 0
Hacker One | added 2022/06/25 5:13 p.m. | 21 views

Stripo Inc: Non-revoked API Key Information disclosure via Stripo_report()

Talking about 983331 reports where a security researcher reported secret API key leakage vulnerability in a JavaScript file at Stripo. This report is disclosed on HackerOne, and the team at Stripo have forgotten to blur the API keys from the report before disclosing it to the public. The API keys...

AI score 6.7 | Exploits 0