Lucene search
K

81 matches found

OSV
OSV
added 2025/10/07 4:15 p.m.3 views

UBUNTU-CVE-2023-53639

In the Linux kernel, the following vulnerability has been resolved: wifi: ath6kl: reduce WARN to devdbg in callback The warn is triggered on a known race condition, documented in the code above the test, that is correctly handled. Using WARN hinders automated testing. Reducing severity...

5.5CVSS5.9AI score0.00149EPSS
Exploits0References12
CVE
CVE
added 2025/10/07 3:19 p.m.15 views

CVE-2023-53639

Technical details about CVE-2023-53639 are not publicly provided in the supplied documents. Monitor for updates from vendors and security advisories to obtain affected products, versions, and remediation information.

5.5CVSS6.2AI score0.00149EPSS
Exploits0References9Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-17757

Malware in sbrugna...

7.5CVSS7.5AI score0.00346EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/10/07 12:0 a.m.3 views

PT-2025-41083

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A change was made to reduce the severity of a warning message in the ath6kl module related to Wi-Fi functionality. The warning was triggered by a known race condition that is already...

6.2AI score0.00149EPSS
Exploits0References11
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-0235

Malicious code in bioql PyPI...

8.5CVSS6.3AI score0.00348EPSS
Exploits1References4
Packet Storm News
Packet Storm News
added 2025/09/26 12:0 a.m.4 views

Red Teaming Quantum-Resistant Cryptographic Standards: A Penetration Testing Framework Integrating AI and Quantum Security

This study presents a structured approach to evaluating vulnerabilities within quantum cryptographic protocols, focusing on the BB84 quantum key distribution method and National Institute of Standards and Technology NIST approved quantum-resistant algorithms. By integrating AI-driven red teaming,...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/03 12:0 a.m.6 views

VulnRepairEval: an Exploit-Based Evaluation Framework for Assessing Large Language Model Vulnerability Repair Capabilities

The adoption of Large Language Models LLMs for automated software vulnerability patching has shown promising outcomes on carefully curated evaluation sets. Nevertheless, existing datasets predominantly rely on superficial validation methods rather than exploit-based verification, leading to...

7.1AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/22 12:0 a.m.5 views

Leveraging GPT-4 for Vulnerability-Witnessing Unit Test Generation

In the life-cycle of software development, testing plays a crucial role in quality assurance. Proper testing not only increases code coverage and prevents regressions but it can also ensure that any potential vulnerabilities in the software are identified and effectively fixed. However, creating...

7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 3:21 p.m.8 views

CVE-2020-25064

An issue was discovered on LG mobile devices with Android OS 4.4, 5.0, 5.1, 6.0, 7.0, 7.1, 8.0, 8.1, 9.0, and 10 software. Certain automated testing is mishandled. The LG ID is LVE-SMP-200019 August 2020...

7.5CVSS7.1AI score0.00346EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2025/05/22 12:0 a.m.3 views

Poster: Towards an Automated Security Testing Framework for Industrial UEs

With the ongoing adoption of 5G for communication in industrial systems and critical infrastructure, the security of industrial UEs such as 5G-enabled industrial robots becomes an increasingly important topic. Most notably, to meet the stringent security requirements of industrial deployments,...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/05/21 12:0 a.m.4 views

Leveraging Large Language Models for Command Injection Vulnerability Analysis in Python: an Empirical Study on Popular Open-Source Projects

Command injection vulnerabilities are a significant security threat in dynamic languages like Python, particularly in widely used open-source projects where security issues can have extensive impact. With the proven effectiveness of Large Language ModelsLLMs in code-related tasks, such as testing...

7.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/05/19 12:0 a.m.10 views

An Automated Blackbox Noncompliance Checker for QUIC Server Implementations

We develop QUICtester, an automated approach for uncovering non-compliant behaviors in the ratified QUIC protocol implementations RFC 9000/9001. QUICtester leverages active automata learning to abstract the behavior of a QUIC implementation into a finite state machine FSM representation. Unlike...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/05/15 12:0 a.m.7 views

RAN Tester UE: an Automated Declarative UE Centric Security Testing Platform

Cellular networks require strict security procedures and measures across various network components, from core to radio access network RAN and end-user devices. As networks become increasingly complex and interconnected, as in O-RAN deployments, they are exposed to a numerous security threats...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/04/16 12:0 a.m.11 views

InjectLab: a Tactical Framework for Adversarial Threat Modeling against Large Language Models

Large Language Models LLMs are changing the way people interact with technology. Tools like ChatGPT and Claude AI are now common in business, research, and everyday life. But with that growth comes new risks, especially prompt-based attacks that exploit how these models process language. InjectLa...

7AI score
Exploits0
GithubExploit
GithubExploit
added 2025/03/28 2:16 a.m.305 views

Exploit for Improper Restriction of Excessive Authentication Attempts in Fortinet Fortiauthenticator

CVE-2023-26208 Exploit Automation Para Fins Educacionais 🚨 📌...

5.3CVSS5.6AI score0.01812EPSS
Exploits1
Pen Test Partners Blog
Pen Test Partners Blog
added 2025/02/05 6:12 a.m.10 views

A tale of enumeration, and why pen testing can’t be automated

TL;DR In an engagement we found an open directory on the internet belonging to our client By enumerating it we found a zip archive with a configuration file holding usernames and passwords That file gave us access to the client’s ArcGIS instance This contained a treasure trove of information abou...

6.9AI score
Exploits0
hivepro
hivepro
added 2024/12/27 1:0 p.m.7 views

Test Like an Attacker, Not an Auditor

Running short on time but still want to stay in the know? Well, we've got you covered! We've condensed all the key takeaways into a handy audio summary. So, if you're on the go, or just prefer listening over reading, click right here to hear it all! " Through 2028, validation of threat exposures ...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/18 11:15 a.m.7 views

Beyond Compliance: The Advantage of Year-Round Network Pen Testing

IT leaders know the drill—regulators and cyber insurers demand regular network penetration testing to keep the bad guys out. But here's the thing: hackers don't wait around for compliance schedules. Most companies approach network penetration testing on a set schedule, with the most common...

7.1AI score
Exploits0
Kitploit
Kitploit
added 2024/09/19 11:30 a.m.76 views

Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests

Mass Assigner is a powerful tool designed to identify and exploit mass assignment vulnerabilities in web applications. It achieves this by first retrieving data from a specified request, such as fetching user profile data. Then, it systematically attempts to apply each parameter extracted from th...

7.4AI score
Exploits0References1
The Hacker News
The Hacker News
added 2024/08/22 10:3 a.m.24 views

The Facts About Continuous Penetration Testing and Why It's Important

What is Continuous Attack Surface Penetration Testing or CASPT? Continuous Penetration Testing or Continuous Attack Surface Penetration Testing CASPT is an advanced security practice that involves the continuous, automated, and ongoing penetration testing services of an organization's digital...

8AI score
Exploits0
Rows per page
Query Builder