Lucene search
K

169 matches found

Cvelist
Cvelist
added 2026/03/02 4:17 p.m.19 views

CVE-2026-28360 NocoDB: Plaintext Storage of Shared View Passwords

NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, shared view passwords were stored in plaintext in the database and compared using direct string equality. This issue has been patched in version 0.301.3...

6.9CVSS0.00194EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/02 4:17 p.m.2 views

CVE-2026-28360 NocoDB: Plaintext Storage of Shared View Passwords

NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, shared view passwords were stored in plaintext in the database and compared using direct string equality. This issue has been patched in version 0.301.3...

6.9CVSS5.8AI score0.00194EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/02 4:17 p.m.3 views

CVE-2026-28360

NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, shared view passwords were stored in plaintext in the database and compared using direct string equality. This issue has been patched in version 0.301.3...

6.9CVSS5.8AI score0.00194EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/01/26 5:47 p.m.5 views

EUVD-2025-206342

Tomahawk auth timing attack due to usage of strcmp has been identified in Hiawatha webserver version 11.7 which allows a local attacker to access the management client...

4CVSS5.8AI score0.00148EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:33 a.m.7 views

CVE-2024-39742

IBM MQ Operator 3.2.2 and IBM MQ Operator 2.0.24 could allow a user to bypass authentication under certain configurations due to a partial string comparison vulnerability. IBM X-Force ID: 297169...

9.8CVSS6.5AI score0.00763EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/30 3:30 p.m.4 views

EUVD-2022-55832

In the Linux kernel, the following vulnerability has been resolved: ASoC: pxa: fix null-pointer dereference in filter kasprintf would return NULL pointer when kmalloc fail to allocate. Need to check the return pointer before calling strcmp...

6AI score0.00195EPSS
Exploits0References10
Cvelist
Cvelist
added 2025/10/16 8:17 a.m.9 views

CVE-2025-54499 Insecure string comparison enables timing attacks

Mattermost versions 10.5.x = 10.5.10, 10.11.x = 10.11.2 fail to use constant-time comparison for sensitive string comparisons which allows attackers to exploit timing oracles to perform byte-by-byte brute force attacks via response time analysis on Cloud API keys and OAuth client secrets...

3.1CVSS0.00246EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-0151

Malware in sbrugna...

5.3CVSS6.2AI score0.01561EPSS
Exploits1References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2020-3020

Malware in sbrugna...

8.8CVSS8.6AI score0.01705EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-0049

Malware in sbrugna...

7.5CVSS7.4AI score0.01184EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-1085

Malware in sbrugna...

6.1CVSS5.3AI score0.00833EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-18741

Malware in sbrugna...

5.3CVSS5.2AI score0.01215EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-27057

Malware in sbrugna...

9.8CVSS5.5AI score0.01111EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2023-38438

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00615EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-38221

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00763EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-3440

Malicious code in bioql PyPI...

7.5CVSS6.5AI score0.0081EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-8542

Malicious code in bioql PyPI...

7.5CVSS7.4AI score0.00345EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2021-34105

Malicious code in bioql PyPI...

9.8CVSS5.8AI score0.00776EPSS
Exploits0References3
Hacker One
Hacker One
added 2025/09/18 4:11 p.m.33 views

curl: Timing Attack Vulnerability in curl Digest Authentication via Non-Constant-Time String Comparison

Summary: A timing attack vulnerability exists in curl's Digest Authentication implementation due to the use of non-constant-time string comparison strcmp when comparing authentication algorithms in digest.c line 360. This allows attackers to determine the supported authentication algorithm throug...

6.7AI score
Exploits0
OSV
OSV
added 2025/09/17 8:2 p.m.4 views

GHSA-C2FC-9Q9C-5486 Dragonfly vulnerable to timing attacks against Proxy’s basic authentication

Impact The access control mechanism for the Proxy feature uses simple string comparisons and is therefore vulnerable to timing attacks. An attacker may try to guess the password one character at a time by sending all possible characters to a vulnerable mechanism and measuring the comparison...

6.9CVSS7.1AI score0.00315EPSS
Exploits0References5
Rows per page
Query Builder