
7 matches found

EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2022-5141

Malicious code in bioql PyPI...

CVSS 4.3 | AI score 5.1 | EPSS 0.00059
Exploits: 0 | References: 8
NVD
added 2025/09/18 3:15 p.m., 4 views

CVE-2025-10671

A vulnerability has been found in youth-is-as-pale-as-poetry e-learning 1.0. Impacted is the function encryptSecret of the file e-learning-master\exam-api\src\main\java\com\yf\exam\ability\shiro\jwt\JwtUtils.java of the component JWT Token Handler. The manipulation leads to insufficiently random...

CVSS 6.3 | EPSS 0.00054
Exploits: 0 | References: 4
Vulnrichment
added 2024/09/03 8:15 p.m., 20 views

CVE-2024-45394 Secret encryption vulnerable to brute-force attacks

Authenticator is a browser extension that generates two-step verification codes. In versions 7.0.0 and below, encryption keys for user data were stored encrypted at-rest using only AES-256 and the EVPBytesToKey KDF. Therefore, attackers with a copy of a user's data are able to brute-force the...

CVSS 8.8 | AI score 8.2 | EPSS 0.00037
Exploits: 0 | References: 2
Veracode
added 2024/06/18 7:13 a.m., 15 views

Sensitive Information Disclosure

github.com/rancher/rancher is vulnerable to Sensitive Information Disclosure. The vulnerability is due to constantly reconciling clusters when secrets encryption configuration is enabled, causing Kube API secret values to be written in plaintext on the AppliedSpec. An attacker can gain access to...

CVSS 7.1 | AI score 6.9 | EPSS 0.00064
Exploits: 0 | References: 3 | Affected Software: 1
Schneier on Security
added 2024/03/28 11:5 a.m., 19 views

Hardware Vulnerability in Apple’s M-Series Chips

It's yet another hardware side-channel attack: The threat resides in the chips’ data memory-dependent prefetcher, a hardware optimization that predicts the memory addresses of data that running code is likely to access in the near future. By loading the contents into the CPU cache before it’s...

AI score 7
Exploits: 0
Filippo.io
added 2022/12/28 12:18 p.m., 71 views

My age+YubiKeys Password Management Solution

Password managers are in the news, and it's the holidays, so it's as good a time as ever to describe my password and secret management setup. It's very much not for everyone, but it's minimal, simple, and has some interesting security properties: even if my laptop were compromised, it would take an...

AI score 6.7
Exploits: 0
Cvelist
added 2022/10/14 12:0 a.m., 20 views

CVE-2022-39309 GoCD server secret encryption/decryption key leaked to agents during material serialization

GoCD is a continuous delivery server. GoCD helps you automate and streamline the build-test-release cycle for continuous delivery of your product. GoCD versions prior to 21.1.0 leak the symmetric key used to encrypt/decrypt any secure variables/secrets in GoCD configuration to authenticated agent...

CVSS 4.9 | AI score 6.3 | EPSS 0.00355
Exploits: 0 | References: 4