Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Wired Threat Level
Wired Threat Leveladded 2026/04/11 9:30 a.m.4 views

How the Internet Broke Everyone’s Bullshit Detectors

From AI-generated images to restricted satellite data, the systems used to verify what’s real online are struggling to keep up...

5.8AI score
Exploits0
Wired Threat Level
Wired Threat Leveladded 2025/05/12 10:0 a.m.17 views

Deepfakes, Scams, and the Age of Paranoia

As AI-driven fraud becomes increasingly common, more people feel the need to verify every interaction they have online...

7.2AI score
Exploits0
OSV
OSVadded 2025/03/06 5:15 p.m.8 views

DEBIAN-CVE-2024-58083

In the Linux kernel, the following vulnerability has been resolved: KVM: Explicitly verify target vCPU is online in kvmgetvcpu Explicitly verify the target vCPU is fully online prior to clamping the index in kvmgetvcpu. If the index is "bad", the nospec clamping will generate '0', i.e. KVM will...

7.8CVSS5.5AI score0.00028EPSS
Exploits0References1
OSV
OSVadded 2025/03/06 5:15 p.m.4 views

AZL-59423 CVE-2024-58083 affecting package kernel for versions less than 5.15.180.1-1

In the Linux kernel, the following vulnerability has been resolved: KVM: Explicitly verify target vCPU is online in kvmgetvcpu Explicitly verify the target vCPU is fully online prior to clamping the index in kvmgetvcpu. If the index is "bad", the nospec clamping will generate '0', i.e. KVM will...

7.8CVSS6.7AI score0.00028EPSS
Exploits0References1
Veracode
Veracodeadded 2024/11/14 6:51 a.m.3 views

Incorrect Rekor Entry Selection

github.com/sigstore/gitsign is vulnerable to Incorrect Rekor entry selection. The vulnerability is due to gitsign not correctly handling situations where multiple Rekor entries are returned during online verification, leading it to potentially select the wrong one. It allows an attacker to...

7AI score
Exploits0
CVE
CVEadded 2024/11/05 6:54 p.m.83 views

CVE-2024-51746

CVE-2024-51746 affects gitsign. The vulnerability arises when Rekor’s search API is used to verify a signature: the API may return entries that match either the public key or the payload, not both. As a result, gitsign could select an incorrect Rekor entry during online verification, and, because...

1.8CVSS6.5AI score0.00058EPSS
Exploits0References1
OSV
OSVadded 2024/11/05 6:54 p.m.3 views

CVE-2024-51746 Use of incorrect Rekor entries during verification in gitsign

Gitsign is a keyless Sigstore to signing tool for Git commits with your a GitHub / OIDC identity. gitsign may select the wrong Rekor entry to use during online verification when multiple entries are returned by the log. gitsign uses Rekor's search API to fetch entries that apply to a signature...

1.8CVSS4.4AI score0.00058EPSS
Exploits0References3
OSV
OSVadded 2024/11/05 3:26 p.m.12 views

GHSA-8PMP-678W-C8XX gitsign may use incorrect Rekor entries during verification

Summary gitsign may select the wrong Rekor entry to use during online verification when multiple entries are returned by the log. Details gitsign uses Rekor's search API to fetch entries that apply to a signature being verified. The parameters used for the search are the public key and the payloa...

1.8CVSS5.5AI score0.00058EPSS
Exploits0References3
Rows per page
Query Builder