Exploit for CVE-2026-31431
copy-fail-fix Per-distro mitigation scripts for CVE-2026-314...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-006985)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006985 advisory. In the Linux kernel, the following vulnerability has been resolved: rcu: Avoid stack overflow due to __rcu_irq_enter_check_tick() being kprobe-ed. Registering a kprobe on...
Multi Layer Protection against Low Rate DDoS Attacks in Containerized Systems
Low-rate Distributed Denial of Service (DDoS) attacks have emerged as a major threat to containerized cloud infrastructures. Due to their low traffic volumes, these attacks can be difficult to detect and mitigate, potentially causing serious harm to internet applications. This work proposes a DDoS...
Siemens Ruggedcom ROX Privilege Dropping (CVE-2018-7169)
An issue was discovered in shadow 4.5. newgidmap in shadow-utils is setuid and allows an unprivileged user to be placed in a user namespace where setgroups(2) is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if...
EUVD-2013-2064
Malware in sbrugna...
EUVD-2019-14186
Malware in sbrugna...
EUVD-2010-5250
Malware in sbrugna...
EUVD-2017-0068
Malware in sbrugna...
EUVD-2018-4004
Malware in sbrugna...
EUVD-2022-2414
Malicious code in bioql PyPI...
EUVD-2023-58388
Malicious code in bioql PyPI...
EUVD-2022-3761
Malicious code in bioql PyPI...
EUVD-2023-32895
Malicious code in bioql PyPI...
EUVD-2023-57837
Malicious code in bioql PyPI...
MaraDNS
MaraDNS is an open-source DNS server. It is a small, lightweight, and highly customizable DNS server that can be used as an authoritative or recursive nameserver. MaraDNS is written in C and is designed to be easy to configure and use. The repository contains a variety of files, including a READM...
CVE-2024-12554
The Peter’s Custom Anti-Spam plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.3. This is due to missing nonce validation on the cas_register_post() function. This makes it possible for unauthenticated attackers to blacklist emails via a forged...
CVE-2024-33896
Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 are vulnerable to code injection due to improper parameter blacklisting. This is fixed in version 21.2s10 and 22.1s3...
CVE-2021-29431
Sydent is a reference Matrix identity server. Sydent can be induced to send HTTP GET requests to internal systems, due to lack of parameter validation or IP address blacklisting. It is not possible to exfiltrate data or control request headers, but it might be possible to use the attack to perfor...
CVE-2010-5291
Amberdms Billing System (ABS) before 1.4.1 does not properly implement blacklisting after detection of invalid login attempts, which makes it easier for remote attackers to obtain access via a brute-force approach...
API Armor: How Bybit’s Real-Time Blacklisting Is Thwarting a $1.5B Crypto Heist
APIs present a security risk—that much is a given. Attacks on APIs have caused some of the most significant security incidents of the past decades. But the question now is: How can we flip the script and leverage their power to enhance security? Bybit might just have the answer. Bybit—one of the...