Lucene search
K

822 matches found

EUVD
EUVD
added 4 days ago6 views

EUVD-2025-210388

Picklescan before 0.0.25 fails to detect unsafe global functions in the Numpy library, allowing attackers to bypass static analysis and execute arbitrary code during deserialization. Attackers can craft malicious pickle files using numpy.testing.private.utils.runstring within the reduce method to...

7.6CVSS6.1AI score0.00552EPSS
Exploits0References3
Cvelist
Cvelist
added 5 days ago21 views

CVE-2025-71355 Picklescan - Arbitrary Code Execution via Unsafe Numpy Function Detection Bypass

Picklescan before 0.0.25 fails to detect unsafe global functions in the Numpy library, allowing attackers to bypass static analysis and execute arbitrary code during deserialization. Attackers can craft malicious pickle files using numpy.testing.private.utils.runstring within the reduce method to...

7.6CVSS0.00552EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: A memory leak has been fixed in amdgpuacpienumeratexcc. In amdgpuacpienumeratexcc, if amdgpuacpidevinit returns -ENOMEM, the function returns directly without releasing the allocated xccinfo. This results in a memory...

5.5CVSS5.8AI score0.00162EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: media: adv7842: Avoid possible out-of-bounds array accesses in adv7842cplogstatus It is possible for cpread and hdmiread to return -EIO. These values are further used as indexes to access arrays. The issue was fixed by checking t...

7.1CVSS5.9AI score0.00117EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: A memory leak was fixed in amdgpurasinit. When amdgpunbiorasswinit fails in amdgpurasinit, the function returns directly without freeing the allocated con structure, resulting in a memory leak. This issue was fixed by...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: md/raid1: A memory leak was fixed in raid1run. raid1run calls setupconf, which registers a thread via mdregisterthread. If raid1setlimits fails, the previously registered thread remains unregistered, resulting in a memory leak of...

5.5CVSS5.7AI score0.00155EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.1 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ext4: xattr: fixed a null pointer dereference in ext4raw inode If ext4getinodeloc fails e.g., if it returns -EFSCORRUPTED, iloc.bh will remain set to NULL. Since ext4xattr inodedecrefall lacks error checking, this will lead to a...

5.9AI score0.00173EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: gpio: Prevent potential speculation leaks in gpiodevicegetdesc The userspace may trigger a speculative read of an address outside the gpio descriptor array. Users can do this by calling gpioioctl with an offset that is out of...

5.5CVSS6.2AI score0.00248EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: tools/powerturbostat: Fixed the file pointer leak. Currently, if the fscanf function fails, an early return causes a leak of the open file pointer. This issue was fixed by closing the file before the return statement. This issue...

7.1CVSS5.2AI score0.00191EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: traceeventshist: A check was added to ensure that the return value of createhistfield is checked. The function createhistfield is called recursively at line 1954 of traceeventshist.c, and it may return a NULL value. Therefore, we...

5.5CVSS5.5AI score0.00247EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/via: Avoid potential array out-of-bound access in addsecretdacpath The sndhdagetconnections function may return a negative error code. This could lead to accessing the ‘conn’ array at a negative index. This issue was...

7.8CVSS5.9AI score0.00261EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: A potential buffer overflow issue has been fixed in nisetmcspecialregisters. The last case label can write two buffers, mcregaddressj and mcdataj, where the offset of ‘j’ equals SMCNISLANDSMCREGISTERARRAYSIZE. Since...

7.8CVSS6.2AI score0.00232EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fixed the potential NULL-ptr-dereference issue. The indevget function may return NULL, which could lead to a failure when the idev variable is dereferenced in indevforeachifartnl. This patch adds a check for a NULL...

5.5CVSS5.1AI score0.00235EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: crypto: safexcel – Added error handling for dmamapsg calls The Macro dmamapsg may return 0 in the event of an error. This patch enables checks in case of a macro failure and ensures that previously mapped buffers are unmapped usi...

5.5CVSS5.7AI score0.00232EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: qed/qedsriov: protection against NULL references from qediovgetvfinfo We must ensure that the information returned by the helper function is valid before using it. This issue was identified by the Linux Verification Center...

5.5CVSS6.1AI score0.00184EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: aspeed: A NULL pointer check was added in astvhubinitdev. The variable d-name, returned by devmkasprintf, could potentially be NULL. A pointer check was added to prevent potential NULL pointer dereferencing. This is...

5.5CVSS6.1AI score0.00244EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: cihdrcimx: fix usbmisc handling usbmisc is an optional device property; therefore, it is completely valid for the corresponding data-usbmiscdata to have a NULL value. This check was performed before dereferencing t...

5.5CVSS6.2AI score0.0015EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Null checks for adev-dm.dc in amdgpudmfini have been fixed. Since adev-dm.dc in amdgpudmfini might turn out to be NULL before the call to dcenabledmubnotifications, a check is performed beforehand to ensure that...

5.5CVSS5.9AI score0.00272EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/06/10 12:0 a.m.7 views

ClickFix HTML Static Detector

This script is a lightweight static analysis tool designed to identify HTML pages that exhibit patterns commonly associated with ClickFix-style social engineering campaigns...

5.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/06/10 12:0 a.m.14 views

Can Open-Source LLM Agents Replace Static Application Security Testing Tools? an Empirical Assessment

This paper explores the value of agentic AI tools for cybersecurity purposes. We evaluate the efficacy of a general-purpose GenAI Large Language Model- GenAI- based agent when powered by three different Ollama-hosted general-purpose open source models. We assess each agent's performance using...

5.2AI score
Exploits0
Rows per page
Query Builder