Siemens SIMATIC and SCALANCE Use After Free (CVE-2023-4128)

A use-after-free vulnerability in net/sched/clsfw.c in classifiers clsfw, clsu32, and clsroute in the Linux Kernel allows a local attacker to perform a local privilege escalation due to incorrect handling of the existing filter, leading to a kernel information leak. This plugin only works with...

Malicious code in form-classifier (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aee6a6945bad04a1ec3fbe89e2cbe5013625ba025601a3df6678a125761d3b55 The package form-classifier was found to contain malicious code...

EUVD-2025-175355

Malicious code in form-classifier npm...

MAL-2025-190491 Malicious code in form-classifier (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aee6a6945bad04a1ec3fbe89e2cbe5013625ba025601a3df6678a125761d3b55 The package form-classifier was found to contain malicious code...

BLADE: Behavior-Level Anomaly Detection Using Network Traffic in Web Services

With their widespread popularity, web services have become the main targets of various cyberattacks. Existing traffic anomaly detection approaches focus on flow-level attacks, yet fail to recognize behavior-level attacks, which appear benign in individual flows but reveal malicious purpose using...

GHSA-CXQ7-XW9V-RCV3 vulnerabilities

Vulnerabilities for packages: spicedb-operator, octo-sts, task, cadvisor, dfc, hydra, aws-signer-notation-plugin, spire-controller-manager, modelmesh-runtime-adapter, mattermost, tofu-controller, gcsfuse, fq, infinispan-operator, nri-prometheus, kwok, vitess, flyte,...

GHSA-FRHW-MQJ2-WXW2 vulnerabilities

Vulnerabilities for packages: cadvisor, spire-controller-manager, hydra, gcsfuse, kubernetes-dashboard-metrics-scraper, terraform-provider-sendgrid, opensearch-k8s-operator, aws-sigv4-proxy, terraform-provider-azapi, prometheus-blackbox-exporter, age, gobuster, kube-vip-cloud-provider,...

GHSA-9GCR-GP5F-JW27 vulnerabilities

Vulnerabilities for packages: argo-rollouts, k3d, maru, node-feature-discovery-fips, pushprox-fips, kpt, cert-manager-cmctl, dask-gateway, terraform-provider-random-fips, mongo-tools, grpcurl-fips, gcp-compute-persistent-disk-csi-driver, mountpoint-s3-csi-driver, mattmoor-chainit,...

GHSA-CXQ7-XW9V-RCV3 vulnerabilities

Vulnerabilities for packages: argo-rollouts, k3d, maru, node-feature-discovery-fips, pushprox-fips, kpt, cert-manager-cmctl, dask-gateway, terraform-provider-random-fips, mongo-tools, gke-gcloud-auth-plugin, grpcurl-fips, gcp-compute-persistent-disk-csi-driver, mountpoint-s3-csi-driver,...

Siemens SIMATIC Devices Out-of-bounds Read (CVE-2023-42755)

A flaw was found in the IPv4 Resource Reservation Protocol RSVP classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the rsvpclassify function. This issue may allow a local user to crash the system and cause a denial of...

CVE-2023-53733

In the Linux kernel, the following vulnerability has been resolved: net: sched: clsu32: Undo tcfbindfilter if u32replacehwknode When u32replacehwknode fails, we need to undo the tcfbindfilter operation done at u32setparms...

Attack-Specialized Deep Learning with Ensemble Fusion for Network Anomaly Detection

The growing scale and sophistication of cyberattacks pose critical challenges to network security, particularly in detecting diverse intrusion types within imbalanced datasets. Traditional intrusion detection systems IDS often struggle to maintain high accuracy across both frequent and rare...

A Multi-Layered Embedded Intrusion Detection Framework for Programmable Logic Controllers

Industrial control system ICS operations use trusted endpoints like human machine interfaces HMIs and workstations to relay commands to programmable logic controllers PLCs. Because most PLCs lack layered defenses, compromise of a trusted endpoint can drive unsafe actuator commands and risk...

EUVD-2019-16187

Malware in sbrugna...

EUVD-2013-0213

Malware in sbrugna...

EUVD-2025-30973

Malicious code in bioql PyPI...

EUVD-2025-15944

Malicious code in bioql PyPI...

EUVD-2023-39785

Malicious code in bioql PyPI...

NVIDIA Megatron-LM ensemble_classifer script code injection vulnerability

NVIDIA Megatron-LM is a PyTorch-based distributed training framework from NVIDIA that specializes in training large Transformer language models. A code injection vulnerability exists in the NVIDIA Megatron-LM ensembleclassifer script, which can be exploited by attackers to cause code execution,...

CVE-2025-23354

NVIDIA Megatron-LM for all platforms contains a vulnerability in the ensembleclassifer script where malicious data created by an attacker may cause an injection. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, Information disclosure, and data...