Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.4 views

EUVD-2023-2270

Malicious code in bioql PyPI...

4.3CVSS4.8AI score0.00095EPSS
Exploits1References6
NVD
NVDadded 2025/05/19 7:15 p.m.7 views

CVE-2025-47934

OpenPGP.js is a JavaScript implementation of the OpenPGP protocol. Startinf in version 5.0.1 and prior to versions 5.11.3 and 6.1.1, a maliciously modified message can be passed to either openpgp.verify or openpgp.decrypt, causing these functions to return a valid signature verification result...

8.7CVSS0.00156EPSS
Exploits0References5
Prion
Prionadded 2023/08/29 5:15 p.m.19 views

Design/Logic Flaw

OpenPGP.js is a JavaScript implementation of the OpenPGP protocol. In affected versions OpenPGP Cleartext Signed Messages are cryptographically signed messages where the signed text is readable without special tools. These messages typically contain a "Hash: ..." header declaring the hash algorit...

4.3CVSS4.4AI score0.00095EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichmentadded 2023/08/29 4:46 p.m.9 views

CVE-2023-41037 Cleartext Signed Message Signature Spoofing in openpgpjs

OpenPGP.js is a JavaScript implementation of the OpenPGP protocol. In affected versions OpenPGP Cleartext Signed Messages are cryptographically signed messages where the signed text is readable without special tools. These messages typically contain a "Hash: ..." header declaring the hash algorit...

4.3CVSS6.5AI score0.00095EPSS
Exploits1References2
CVE
CVEadded 2023/08/29 4:46 p.m.49 views

CVE-2023-41037

OpenPGP.js vulnerability (CVE-2023-41037) in Cleartext Signed Messages: versions up to 5.9.0 ignore data before the Hash: header, enabling text insertion that appears signed. Impact arises if an app verifies only verificationResult.verified and visually trusts the message; otherwise, verified dat...

4.3CVSS4.5AI score0.00095EPSS
Exploits1References2Affected Software1
ArchLinux
ArchLinuxadded 2018/06/11 12:0 a.m.22 views

[ASA-201806-8] gnupg: content spoofing

Arch Linux Security Advisory ASA-201806-8 ========================================= Severity: High Date : 2018-06-11 CVE-ID : CVE-2018-12020 Package : gnupg Type : content spoofing Remote : Yes Link : https://security.archlinux.org/AVG-713 Summary ======= The package gnupg before version 2.2.8-1 ...

7.5CVSS0.01725EPSS
Exploits0References6
Tenable Nessus
Tenable Nessusadded 2005/03/25 12:0 a.m.16 views

GLSA-200503-29 : GnuPG: OpenPGP protocol attack

The remote host is affected by the vulnerability described in GLSA-200503-29 GnuPG: OpenPGP protocol attack A flaw has been identified in an integrity checking mechanism of the OpenPGP protocol. Impact : An automated system using GnuPG that allows an attacker to repeatedly discover the outcome of...

5CVSS5.5AI score0.07683EPSS
Exploits0References2
Rows per page
Query Builder