Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.5 views

EUVD-2025-29041

Malicious code in bioql PyPI...

5.9CVSS6.3AI score0.0006EPSS
Exploits0References2
CVE
CVEadded 2025/09/12 1:10 p.m.9 views

CVE-2025-59058

Affected software: httpsig-rs (Rust implementation of IETF RFC 9421 http message signatures). Vulnerability: Prior to version 0.0.19, HMAC signature comparison is not timing-safe, allowing a timing attack to forge signatures during HS256 verification. Impact (as stated): Attack could forge a sign...

5.9CVSS6.4AI score0.0006EPSS
Exploits0References2
CNNVD
CNNVDadded 2025/09/12 12:0 a.m.0 views

httpsig-rs 安全漏洞

httpsig-rs is a Rust library by Jun Kurihara Personal Developer. A security vulnerability exists in versions prior to httpsig-rs 0.0.19, which stems from an HMAC signature comparison that does not utilize a temporal security approach, which could lead to an attacker forging a signature...

5.9CVSS6.4AI score0.0006EPSS
Exploits0References2
Prion
Prionadded 2023/08/21 11:15 a.m.79 views

Cross site scripting

Critters versions 0.0.17-0.0.19 have an issue when parsing the HTML, which leads to a potential cross-site scripting XSS bug. We recommend upgrading to version 0.0.20 of the extension...

5.8CVSS5.9AI score0.00224EPSS
Exploits0References1Affected Software1
OSV
OSVadded 2021/02/10 2:31 a.m.4 views

GHSA-29Q4-GXJQ-RX5C Remote Code Execution in SCIMono

Impact It is possible for attacker to inject and execute java expression and compromising the availability and integrity of the system. Patches The issue was fixed on 0.0.19 version...

9.1CVSS6AI score0.78218EPSS
Exploits0References4
Github Security Blog
Github Security Blogadded 2018/07/24 12:20 a.m.19 views

Directory traversal in pooledwebsocket

Affected versions of pooledwebsocket resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system...

7.5CVSS7.2AI score0.00533EPSS
Exploits3References4Affected Software1
OSV
OSVadded 2018/07/24 12:20 a.m.18 views

GHSA-CFXM-4P54-5W7H Directory traversal in pooledwebsocket

Affected versions of pooledwebsocket resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system...

7.5CVSS7.4AI score0.00533EPSS
Exploits3References4
Node.js
Node.jsadded 2017/05/05 12:3 a.m.51 views

Directory traversal

Overview Affected versions of pooledwebsocket resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable...

5CVSS3.2AI score0.00533EPSS
Exploits3Affected Software1
Rows per page
Query Builder