Lucene search
+L

6 matches found

OSV
OSV
added 2026/06/19 9:16 p.m.5 views

GHSA-M4W9-HJFW-VWJ4 http4k: `HmacSha256.hash` (despite the `Hmac` naming) computed a plain unkeyed digest; clarified by deprecation in favour of `Sha256.hash` / `Sha256.hmac`

Impact The HmacSha256 class contained two functions: - hashpayload — a plain unkeyed SHA-256 digest. The Hmac prefix in the class name was misleading; this function has no key parameter, so it could never have been an HMAC. - hmacSHA256key, data — a properly keyed HMAC-SHA256. A reader who didn't...

8.2CVSS5.9AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/01/27 12:0 a.m.6 views

PT-2025-3356 · Baidu · Baidu Lite

Name of the Vulnerable Software and Affected Versions: Baidu Lite version 6.40.0 Description: The issue allows attackers to access user information by supplying a crafted link. Recommendations: For version 6.40.0, consider avoiding the use of links from untrusted sources until a patch is availabl...

6.5CVSS6.8AI score0.0031EPSS
Exploits0References3
VulnCheck KEV
VulnCheck KEV
added 2024/11/26 12:0 a.m.3 views

VulnCheck KEV: CVE-2024-10781

The Spam protection, Anti-Spam, FireWall by CleanTalk plugin for WordPress is vulnerable to unauthorized Arbitrary Plugin Installation due to an missing empty value check on the 'apikey' value in the 'perform' function in all versions up to, and including, 6.44. This makes it possible for...

8.1CVSS5.8AI score0.03824EPSS
Exploits1References1
OSV
OSV
added 2023/10/03 10:15 a.m.9 views

CVE-2023-38381

Cross-Site Request Forgery CSRF vulnerability in Cyle Conoly WP-FlyBox plugin = 6.46 versions...

8.8CVSS7.3AI score0.00208EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/03/18 12:0 a.m.7 views

MikroTik RouterOS 命令注入漏洞

MikroTik RouterOS is a Linux-based router operating system developed by the Latvian company MikroTik. The system can be deployed in a PC to enable it to provide router functionality. A security vulnerability exists in MikroTik RouterOS version 6.47.9 that allows remote authenticated ftp users to...

8.5CVSS5.9AI score0.04494EPSS
Exploits1References2
CNVD
CNVD
added 2017/12/15 12:0 a.m.5 views

MikroTik Denial of Service Vulnerability

MikroTik is a set of routing operating system based on Linux core development of Latvian MikroTik company. The system turns a PC computer into a professional router. A security vulnerability exists in MikroTik version 6.40.5. A remote attacker can exploit this vulnerability with a large number of...

7.8CVSS6.8AI score0.07788EPSS
Exploits1References1
Rows per page
Query Builder