Gray-Box Poisoning of Continuous Malware Ingestion Pipelines

Modern malware detection pipelines rely on continuous data ingestion and machine learning to counter the high volume of novel threats. This work investigates a realistic gray-box poisoning threat model targeting these pipelines. Using the secmlmalware framework, we generate problem-space...

CVE-2025-60686

A local stack-based buffer overflow vulnerability exists in the infostat.cgi and cstecgi.cgi binaries of ToToLink routers A720R V4.1.5cu.614B20230630, LR1200GB V9.1.0u.6619B20230130, and NR1800X V9.1.0u.6681B20230703. Both programs parse the contents of /proc/net/arp using sscanf with "%s" format...

PT-2025-46856

A local stack-based buffer overflow vulnerability exists in the infostat.cgi and cstecgi.cgi binaries of ToToLink routers A720R V4.1.5cu.614 B20230630, LR1200GB V9.1.0u.6619 B20230130, and NR1800X V9.1.0u.6681 B20230703. Both programs parse the contents of /proc/net/arp using sscanf with "%s"...

EUVD-2005-0141

Malware in sbrugna...

EUVD-2005-0116

Malware in sbrugna...

EUVD-2017-3811

Malware in sbrugna...

EUVD-2025-31030

Malicious code in bioql PyPI...

CVE-2025-20316

A vulnerability in the access control list ACL programming of Cisco IOS XE Software for Cisco Catalyst 9500X and 9600X Series Switches could allow an unauthenticated, remote attacker to bypass a configured ACL on an affected device. This vulnerability is due to the flooding of traffic from an...

CVE-2025-20316

CVE-2025-20316 describes a vulnerability in the ACL programming of Cisco IOS XE Software on Cisco Catalyst 9500X and 9600X Series Switches. The issue allows an unauthenticated, remote attacker to bypass a configured egress ACL. The root cause is tied to traffic flooding from an unlearned MAC addr...

CVE-2025-20316

A vulnerability in the access control list ACL programming of Cisco IOS XE Software for Cisco Catalyst 9500X and 9600X Series Switches could allow an unauthenticated, remote attacker to bypass a configured ACL on an affected device. This vulnerability is due to the flooding of traffic from an...

CVE-2023-46354

In the module "Orders CSV, Excel Export PRO" ordersexport 5.2.0 from MyPrestaModules for PrestaShop, a guest can download personal information without restriction. Due to a lack of permissions control, a guest can access exports from the module which can lead to a leak of personal information fro...

CVE-2023-45380

In the module "Order Duplicator " Clone and Delete Existing Order" orderduplicate in version = 1.1.7 from Silbersaiten for PrestaShop, a guest can download personal information without restriction. Due to a lack of permissions control, a guest can download personal information from...

PrestaShop Order Duplicator Security Vulnerability

PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides multiple payment methods, SMS alerts, and product image zoom and other features. A security vulnerability exists in PrestaShop Order Duplicator - Clone and Delete Existing Order...

PT-2023-29537 · Prestashop · Order Duplicator Module

Name of the Vulnerable Software and Affected Versions: Order Duplicator module for PrestaShop versions = 1.1.7 Description: The issue allows a guest to download personal information without restriction due to a lack of permissions control. This includes accessing data from the ps customer and ps...

kernel: rtw89: ser: fix CAM leaks occurring in L2 reset

In the Linux kernel, the following vulnerability has been resolved: rtw89: ser: fix CAM leaks occurring in L2 reset The CAM, meaning address CAM and bssid CAM here, will get leaks during SER system error recover L2 reset process and ieee80211restarthw which is called by L2 reset process eventuall...

SUSE CVE-2015-6249

The dissectwccp2r1addresstableinfo function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.12.x before 1.12.7 does not prevent the conflicting use of a table for both IPv4 and IPv6 addresses, which allows remote attackers to cause a denial of service application crash via a...

laZzzy - Shellcode Loader, Developed Using Different Open-Source Libraries, That Demonstrates Different Execution Techniques

laZzzy is a shellcode loader that demonstrates different execution techniques commonly employed by malware. laZzzy was developed using different open-source header-only libraries. Features Direct syscalls and native Nt functions not all functions but most Import Address Table IAT evasion Encrypte...

Cisco Firepower Threat Defense（FTD）和Cisco Adaptive Security Appliances Software（ASA Software） 安全漏洞

Cisco Firepower Threat Defense FTD is a suite of unified software from Cisco that provides next-generation firewall services. A security vulnerability exists in Cisco Firepower Threat Defense FTD and Cisco Adaptive Security Appliances Software ASA Software, which is caused by an error in the...

Windows/x86 - MessageBoxA PEB & Export Address Table NullFree/Dynamic Shellcode (230 bytes)

; Name: Windows/x86 - MessageBoxA PEB & Export Address Table NullFree/Dynamic Shellcode 230 bytes ; Author: h4pp1n3ss ; Tested on: Microsoft Windows Version 10.0.19042.1237 ; Description: ; This is a shellcode that ; pop a MessageBox and show the text "Pwn3d by h4pp1n3ss". In order to accomplish...

Huan - Encrypted PE Loader Generator

Huan is an encrypted PE Loader Generator that I developed for learning PE file structure and PE loading processes. It encrypts the PE file to be run with different keys each time and embeds it in a new section of the loader binary. Currently, it works on 64 bit PE files. How It Works? First, Huan...