Lucene search
K

15 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:19 p.m.10 views

CVE-2026-1114

In parisneo/lollms version 2.1.0, the application's session management is vulnerable to improper access control due to the use of a weak secret key for signing JSON Web Tokens JWT. This vulnerability allows an attacker to perform an offline brute-force attack to recover the secret key. Once the...

9.8CVSS7.7AI score0.0054EPSS
Exploits1References1
OSV
OSV
added 2026/05/29 1:33 p.m.12 views

OESA-2026-2483 hplip security update

The Hewlett-Packard Linux Imaging and Printing Project provides drivers for HP printers and multi-function peripherals. Security Fixes: A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software documentation. This potential vulnerability is due to the us...

9.8CVSS6.3AI score0.01333EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2021-30377

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.012EPSS
Exploits0References4
OSV
OSV
added 2025/07/28 6:15 p.m.4 views

UBUNTU-CVE-2025-43023

A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software documentation. This potential vulnerability is due to the use of a weak code signing key, Digital Signature Algorithm DSA...

9.1CVSS5.8AI score0.00244EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/07/28 12:0 a.m.5 views

HP Linux Imaging and Printing Software 安全漏洞

HP Linux Imaging and Printing Software is a Hewlett-Packard HP USA installation, usage and management software package that supports HP printers and scanners. A security vulnerability exists in HP Linux Imaging and Printing Software that originates from the use of a weak DSA signing key...

9.1CVSS6.5AI score0.00244EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/05/17 12:0 a.m.4 views

Donetick 安全漏洞

Donetick is an open source, user-friendly application from Donetick Open Source for managing tasks and chores. A security vulnerability exists in Donetick versions prior to 0.1.44, which stems from a weak JWT signing key default that could lead to account takeover...

9.8CVSS6.5AI score0.00575EPSS
Exploits1References5
CNNVD
CNNVD
added 2023/12/19 12:0 a.m.4 views

Xpand IT Write-Back Manager Security Vulnerability

Xpand IT Write-back manager is an extension for Xpand IT. that allows users to enter data directly from Tableau dashboards into the database. A security vulnerability exists in Xpand IT Write-Back Manager version v2.3.1, which stems from the use of a weak key for signing JWT tokens, where an...

9.1CVSS6.7AI score0.00669EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/12/16 12:0 a.m.6 views

PT-2022-11839

Name of the Vulnerable Software and Affected Versions ONLYOFFICE all versions as of 2021-11-08 Description The issue is related to Incorrect Access Control, where signed document download URLs can be forged due to a weak default URL signing key. This allows for potential exploitation, including...

7.5CVSS7.7AI score0.012EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2022/11/01 12:0 a.m.7 views

PT-2022-9033 · Hcl +1 · Hcl Verse For Android +1

Name of the Vulnerable Software and Affected Versions: Application affected versions not specified Description: The application was signed using a key length less than or equal to 1024 bits, making it potentially vulnerable to forged digital signatures. An attacker could forge the same digital...

7.5CVSS7.4AI score0.00273EPSS
Exploits0References3
Veracode
Veracode
added 2019/05/02 6:10 a.m.35 views

Unauthorized Modification

Java SE and Java SE Embedded are vulnerable to unauthenticated modification attacks. An unauthenticated attacker can exploit a flaw in the Security component of OpenJDK which does not allow users to restrict the set of algorithms allowed for Jar integrity verification allowing an attacker to modi...

3.1CVSS5.9AI score0.01993EPSS
Exploits0References18Affected Software5
RedHat Linux
RedHat Linux
added 2017/05/10 12:44 p.m.4 views

OpenJDK: MD5 allowed for jar verification (Security, 8171121)

It was discovered that the Security component of OpenJDK did not allow users to restrict the set of algorithms allowed for Jar integrity verification. This flaw could allow an attacker to modify content of the Jar file that used weak signing key or hash algorithm...

3.1CVSS7.3AI score0.01993EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2017/05/10 12:43 p.m.3 views

OpenJDK: MD5 allowed for jar verification (Security, 8171121)

It was discovered that the Security component of OpenJDK did not allow users to restrict the set of algorithms allowed for Jar integrity verification. This flaw could allow an attacker to modify content of the Jar file that used weak signing key or hash algorithm...

3.1CVSS7.3AI score0.01993EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2017/04/24 11:16 a.m.5 views

OpenJDK: MD5 allowed for jar verification (Security, 8171121)

It was discovered that the Security component of OpenJDK did not allow users to restrict the set of algorithms allowed for Jar integrity verification. This flaw could allow an attacker to modify content of the Jar file that used weak signing key or hash algorithm...

3.1CVSS7.3AI score0.01993EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2016/10/20 12:37 p.m.6 views

OpenJDK: missing algorithm restrictions for jar verification (Libraries, 8155973)

It was discovered that the Libraries component of OpenJDK did not restrict the set of algorithms used for JAR integrity verification. This flaw could allow an attacker to modify content of the JAR file that used weak signing key or hash algorithm...

4.3CVSS7.3AI score0.02793EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2016/10/18 8:18 p.m.38 views

CVE-2016-5542

It was discovered that the Libraries component of OpenJDK did not restrict the set of algorithms used for JAR integrity verification. This flaw could allow an attacker to modify content of the JAR file that used weak signing key or hash algorithm...

4.3CVSS1.8AI score0.02793EPSS
Exploits0References2
Rows per page
Query Builder