Lucene search
K

9 matches found

PyPA
PyPA
added 2025/11/24 6:15 p.m.31 views

PYSEC-2025-77

A vulnerability has been identified in keylime where an attacker can exploit this flaw by registering a new agent using a different Trusted Platform Module TPM device but claiming an existing agent's unique identifier UUID. This action overwrites the legitimate agent's identity, enabling the...

8.2CVSS5.7AI score0.0038EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-13494

Malware in sbrugna...

5.4CVSS4.7AI score0.0062EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 10:10 p.m.12 views

CVE-2022-39199

immudb is a database with built-in cryptographic proof and verification. immudb client SDKs use server's UUID to distinguish between different server instance so that the client can connect to different immudb instances and keep the state for multiple servers. SDK does not validate this uuid and...

5.9CVSS6.7AI score0.00261EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 9:40 p.m.7 views

CVE-2022-24781

Geon is a board game based on solving questions about the Pythagorean Theorem. Malicious users can obtain the uuid from other users, spoof that uuid through the browser console and become co-owners of the target session. This issue is patched in version 1.1.0. No known workaround exists...

7.1CVSS6.6AI score0.00903EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/11/22 12:0 a.m.8 views

CVE-2022-39199 Lack of proper validation in immudb

immudb is a database with built-in cryptographic proof and verification. immudb client SDKs use server's UUID to distinguish between different server instance so that the client can connect to different immudb instances and keep the state for multiple servers. SDK does not validate this uuid and...

5.8CVSS5.7AI score0.00261EPSS
Exploits0References2
CVE
CVE
added 2022/03/24 8:25 p.m.86 views

CVE-2022-24781

Geon (board game) is affected by an authorization issue where malicious users can obtain another user’s uuid, spoof it in the browser console, and take co-ownership of a target session. The root cause is an insecure handling of session ownership tied to UUIDs, enabling session takeover without au...

7.1CVSS6.8AI score0.00903EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2019/08/01 2:15 p.m.14 views

CVE-2019-3884

A vulnerability exists in the garbage collection mechanism of atomic-openshift. An attacker able spoof the UUID of a valid object from another namespace is able to delete children of those objects. Versions 3.6, 3.7, 3.8, 3.9, 3.10, 3.11 and 4.1 are affected...

5.4CVSS4.2AI score0.0062EPSS
Exploits0References1
OSV
OSV
added 2019/08/01 2:15 p.m.22 views

CVE-2019-3884

A vulnerability exists in the garbage collection mechanism of atomic-openshift. An attacker able spoof the UUID of a valid object from another namespace is able to delete children of those objects. Versions 3.6, 3.7, 3.8, 3.9, 3.10, 3.11 and 4.1 are affected...

5.4CVSS6.5AI score0.0062EPSS
Exploits0References1
CVE
CVE
added 2019/08/01 1:20 p.m.113 views

CVE-2019-3884

CVE-2019-3884 affects atomic-openshift garbage collection; cross-namespace UUID spoofing can delete children. Affected: OpenShift/atomic-openshift versions 3.6–4.1. Remediation in Red Hat advisory RHSA-2020:5634: upgrade OpenShift Container Platform to 4.7.0 (and apply the listed fixes). Other do...

5.4CVSS5.5AI score0.0062EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder