8 matches found
SUSE CVE-2023-54145
In the Linux kernel, the following vulnerability has been resolved: bpf: drop unnecessary user-triggerable WARN_ONCE in verifier log. It's trivial for a user to trigger the "verifier log line truncated" warning, as the verifier has a fixed-size buffer of 1024 bytes as of now, and there are at least two...
CVE-2023-54145
Technical details for CVE-2023-54145 are not publicly available in the provided Connected documents. The EulerOS/Nessus listings reference the CVE, but no affected products, vulnerable components, or fixes are described here. Monitor for vendor advisories for updates.
CVE-2025-25298 Missing Maximum Password Length Validation in Strapi Password Hashing
Strapi is an open source headless CMS. The @strapi/core package before version 5.10.3 does not enforce a maximum password length when using bcryptjs for password hashing. Bcryptjs ignores any bytes beyond 72, so passwords longer than 72 bytes are silently truncated. A user can create an account...
openssl: Incorrect cipher key and IV length processing
A flaw was found in OpenSSL in how it processes key and initialization vector (IV) lengths. This issue can lead to potential truncation or overruns during the initialization of some symmetric ciphers. A truncation in the IV can result in non-uniqueness, which could result in loss of confidentiality...
AZL-42712 CVE-2023-5363 affecting package cloud-hypervisor-cvm for versions less than 38.0.72.2-1
Issue summary: A bug has been identified in the processing of key and initialisation vector (IV) lengths. This can lead to potential truncation or overruns during the initialisation of some symmetric ciphers. Impact summary: A truncation in the IV can result in non-uniqueness, which could result in...
httpd: mod_proxy_uwsgi HTTP response splitting
An HTTP Response Smuggling vulnerability was found in the Apache HTTP Server via mod_proxy_uwsgi. This security issue occurs when special characters in the origin response header can truncate or split the response forwarded to the client...
SUSE CVE-2023-37464
OpenIDC/cjose is a C library implementing the Javascript Object Signing and Encryption (JOSE) standard. The AES GCM decryption routine incorrectly uses the Tag length from the actual Authentication Tag provided in the JWE. The spec says that a fixed length of 16 octets must be applied. Therefore this bug...
curl: curl/libcurl vulnerable to TLS truncation attacks
Summary: curl/libcurl doesn't enforce "Closure Alerts" 12 for protocols that have no knowledge of the size of the transmitted data. This enables truncation attacks where the attacker in a meddler-in-the-middle position closes the connection prematurely. This results in partial file being download...