Lucene search
K

695 matches found

CNNVD
CNNVD
added 2026/05/01 12:0 a.m.8 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the mlx5 driver failing to check the validity of a LAG device before creating a debugfs, which could result ...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/04/30 12:0 a.m.7 views

A Comparative Analysis of Machine Learning Models for Intrusion Detection in Intelligent Transport Systems

AI-powered edge computing security is moving Intelligent Transportation Systems ITS from passive, rule-based protections to proactive, smart, zero-touch, self-sufficient safeguards that neutralize threats in milliseconds. As transportation becomes more connected with edge computing, massive IoT,...

5.8AI score
Exploits0
Cvelist
Cvelist
added 2026/04/27 9:38 a.m.35 views

CVE-2026-40858 Apache Camel: Camel-Infinispan: Unsafe Deserialization in Remote Aggregation Repository

The camel-infinispan component's ProtoStream-based remote aggregation repository deserializes data read from a remote Infinispan cache using java.io.ObjectInputStream without applying any ObjectInputFilter. An attacker who can write to the Infinispan cache used by a Camel application can inject a...

0.00711EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2026/04/27 9:38 a.m.7 views

CVE-2026-40858 Apache Camel: Camel-Infinispan: Unsafe Deserialization in Remote Aggregation Repository

The camel-infinispan component's ProtoStream-based remote aggregation repository deserializes data read from a remote Infinispan cache using java.io.ObjectInputStream without applying any ObjectInputFilter. An attacker who can write to the Infinispan cache used by a Camel application can inject a...

6.5AI score0.00711EPSS
Exploits2References1
EUVD
EUVD
added 2026/04/27 9:38 a.m.10 views

EUVD-2026-25808

The camel-infinispan component's ProtoStream-based remote aggregation repository deserializes data read from a remote Infinispan cache using java.io.ObjectInputStream without applying any ObjectInputFilter. An attacker who can write to the Infinispan cache used by a Camel application can inject a...

8.8CVSS6.5AI score0.00711EPSS
Exploits2References1
CVE
CVE
added 2026/04/27 9:38 a.m.31 views

CVE-2026-40858

CVE-2026-40858 – Apache Camel: Camel-Infinispan insecure deserialization The camel-infinispan component’s ProtoStream-based remote aggregation repository deserializes data read from a remote Infinispan cache using java.io.ObjectInputStream without ObjectInputFilter. An attacker who can write to t...

8.8CVSS6.6AI score0.00711EPSS
Exploits2References6Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.6 views

PT-2026-35386

The camel-infinispan component's ProtoStream-based remote aggregation repository deserializes data read from a remote Infinispan cache using java.io.ObjectInputStream without applying any ObjectInputFilter. An attacker who can write to the Infinispan cache used by a Camel application can inject a...

6.5AI score0.00711EPSS
Exploits2References2
SUSE CVE
SUSE CVE
added 2026/04/26 1:52 a.m.7 views

SUSE CVE-2026-31683

In the Linux kernel, the following vulnerability has been resolved: batman-adv: avoid OGM aggregation when skb tailroom is insufficient When OGM aggregation state is toggled at runtime, an existing forwarded packet may have been allocated with only packetlen bytes, while a later packet can still ...

4.8CVSS5.5AI score0.00121EPSS
Exploits0References7
NVD
NVD
added 2026/04/25 9:16 a.m.4 views

CVE-2026-31683

In the Linux kernel, the following vulnerability has been resolved: batman-adv: avoid OGM aggregation when skb tailroom is insufficient When OGM aggregation state is toggled at runtime, an existing forwarded packet may have been allocated with only packetlen bytes, while a later packet can still ...

7.8CVSS0.00121EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/04/25 8:47 a.m.49 views

CVE-2026-31683 batman-adv: avoid OGM aggregation when skb tailroom is insufficient

In the Linux kernel, the following vulnerability has been resolved: batman-adv: avoid OGM aggregation when skb tailroom is insufficient When OGM aggregation state is toggled at runtime, an existing forwarded packet may have been allocated with only packetlen bytes, while a later packet can still ...

7.8CVSS0.00121EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/04/25 8:47 a.m.10 views

CVE-2026-31683

In the Linux kernel, the following vulnerability has been resolved: batman-adv: avoid OGM aggregation when skb tailroom is insufficient When OGM aggregation state is toggled at runtime, an existing forwarded packet may have been allocated with only packetlen bytes, while a later packet can still ...

5.5AI score0.00121EPSS
Exploits0References9Affected Software1
EUVD
EUVD
added 2026/04/25 8:47 a.m.7 views

EUVD-2026-25650

In the Linux kernel, the following vulnerability has been resolved: batman-adv: avoid OGM aggregation when skb tailroom is insufficient When OGM aggregation state is toggled at runtime, an existing forwarded packet may have been allocated with only packetlen bytes, while a later packet can still ...

5.5AI score0.00121EPSS
Exploits0References8
CVE
CVE
added 2026/04/25 8:47 a.m.21 views

CVE-2026-31683

The CVE-2026-31683 issue affects the Linux kernel’s batman-adv module. When the Optimized Global Messaging (OGM) aggregation state is toggled at runtime, a forwarded packet that was allocated with insufficient tailroom may be appended to by a later packet, leading to skb_put overflow conditions. ...

7.8CVSS5.5AI score0.00121EPSS
Exploits0References8Affected Software1
Packet Storm News
Packet Storm News
added 2026/04/25 12:0 a.m.7 views

Scalable and Verifiable Federated Learning for Cross-Institution Financial Fraud Detection

The global financial ecosystem confronts a critical asymmetry: while fraud syndicates operate as borderless, distributed networks, banking institutions remain constrained by regulatory data silos, limiting visibility into cross-institutional threat patterns under strict privacy laws such as GDPR...

5.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/25 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-31683

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - batman-adv: avoid OGM aggregation when skb tailroom is insufficient When OGM aggregation state is toggled at runtime, an existing forwarded packet may have been...

7.8CVSS7AI score0.00121EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/25 12:0 a.m.12 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the OGM aggregation in batman-adv without checking the tail space, potentially leading to skbput overfl...

7.8CVSS5.9AI score0.00121EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/25 12:0 a.m.8 views

PT-2026-35143

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the batman-adv module where OGM aggregation can lead to a buffer overflow. When the OGM aggregation state is toggled during runtime, a forwarded packet might be...

7.8CVSS5.9AI score0.00126EPSS
Exploits0References151
Packet Storm News
Packet Storm News
added 2026/04/23 12:0 a.m.6 views

Transient Turn Injection: Exposing Stateless Multi-Turn Vulnerabilities in Large Language Models

Large language models LLMs are increasingly integrated into sensitive workflows, raising the stakes for adversarial robustness and safety. This paper introduces Transient Turn InjectionTTI, a new multi-turn attack technique that systematically exploits stateless moderation by distributing...

5.2AI score
Exploits0
OSV
OSV
added 2026/04/22 7:22 p.m.5 views

GHSA-PF4J-PF3W-95F9 nimiq-transaction: UpdateValidator transactions allows voting key change without proof-of-knowledge

Impact The staking contract accepts UpdateValidator transactions that set newvotingkey=Some... while omitting newproofofknowledge. this skips the proof-of-knowledge requirement that is needed to prevent BLS rogue-key attacks when public keys are aggregated. Because tendermint macro block...

6.8CVSS5.8AI score0.00201EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/04/22 7:13 p.m.9 views

nimiq-block has skip block quorum bypass via out-of-range BitSet indices & u16 truncation

Impact SkipBlockProof::verify computes its quorum check using BitSet.len, then iterates BitSet indices and casts each usize index to u16 slot as u16 for slot lookup. If an attacker can get a SkipBlockProof verified where MultiSignature.signers contains out-of-range indices spaced by 65536, these...

9.6CVSS5.8AI score0.00217EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder