Lucene search
K

580 matches found

Cvelist
Cvelist
added 2025/10/03 11:17 a.m.11 views

CVE-2025-10311 Comment Info Detector <= 1.0.5 - Cross-Site Request Forgery to Settings Update

The Comment Info Detector plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.5. This is due to missing nonce validation on the options.php file when handling form submissions. This makes it possible for unauthenticated attackers to modify...

4.3CVSS0.00136EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/10/03 12:0 a.m.6 views

PT-2025-40473

The Comment Info Detector plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.5. This is due to missing nonce validation on the options.php file when handling form submissions. This makes it possible for unauthenticated attackers to modify...

4.3CVSS5.4AI score0.00136EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/10/03 12:0 a.m.6 views

WordPress plugin Comment Info Detector 跨站请求伪造漏洞

WordPress Comment Info Detector plugin is a WordPress plugin for displaying commenter browser and operating system information, developed by Kyle Baker. The WordPress Comment Info Detector plugin suffers from a cross-site request forgery vulnerability that stems from the options.php file not...

4.3CVSS6.8AI score0.00136EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2025/09/29 12:0 a.m.6 views

Federated Spatiotemporal Graph Learning for Passive Attack Detection in Smart Grids

Smart grids are exposed to passive eavesdropping, where attackers listen silently to communication links. Although no data is actively altered, such reconnaissance can reveal grid topology, consumption patterns, and operational behavior, creating a gateway to more severe targeted attacks. Detecti...

6.6AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/25 12:0 a.m.42 views

RLCracker: Exposing the Vulnerability of LLM Watermarks with Adaptive RL Attacks

Large Language Models LLMs watermarking has shown promise in detecting AI-generated content and mitigating misuse, with prior work claiming robustness against paraphrasing and text editing. In this paper, we argue that existing evaluations are not sufficiently adversarial, obscuring critical...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/09/25 12:0 a.m.11 views

ExpIDS: a Drift-Adaptable Network Intrusion Detection System with Improved Explainability

Despite all the advantages associated with Network Intrusion Detection Systems NIDSs that utilize machine learning ML models, there is a significant reluctance among cyber security experts to implement these models in real-world production settings. This is primarily because of their opaque natur...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/22 7:56 a.m.5 views

Malicious code in eslint-config-detector (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9c532e5d9ed3c3afdaf7a4a59234c132c6176b491fc96676828c4f0dd5eb415c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2025/09/22 7:56 a.m.2 views

MAL-2025-47482 Malicious code in eslint-config-detector (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9c532e5d9ed3c3afdaf7a4a59234c132c6176b491fc96676828c4f0dd5eb415c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
Snyk
Snyk
added 2025/09/22 7:56 a.m.4 views

Malicious Package

Overview eslint-config-detector is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...

9.8CVSS6.8AI score
Exploits0References2
OSV
OSV
added 2025/09/11 5:15 p.m.4 views

DEBIAN-CVE-2025-39737

In the Linux kernel, the following vulnerability has been resolved: mm/kmemleak: avoid soft lockup in kmemleakdocleanup A soft lockup warning was observed on a relative small system x86-64 system with 16 GB of memory when running a debug kernel with kmemleak enabled. watchdog: BUG: soft lockup -...

5.5CVSS5.4AI score0.00159EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2022-20446

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In AlwaysOnHotwordDetector of AlwaysOnHotwordDetector.java, there is a possible way to access the microphone from the background due to a missing permission...

3.3CVSS5.1AI score0.00103EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/29 6:55 p.m.5 views

Malicious code in eslint-detector (npm)

The package eslint-detector was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/29 6:55 p.m.3 views

MAL-2025-41974 Malicious code in eslint-detector (npm)

The package eslint-detector was found to contain malicious code...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/08/17 12:0 a.m.1 views

False Data-Injection Attack Detection in Cyber-Physical Systems: a Wasserstein Distributionally Robust Reachability Optimization Approach

Cyber-physical system CPS is the foundational backbone of modern critical infrastructures, so ensuring its security and resilience against cyber-attacks is of pivotal importance. This paper addresses the challenge of designing anomaly detectors for CPS under false-data injection FDI attacks and...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in pii-detector (npm)

The package pii-detector was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.3 views

MAL-2025-27626 Malicious code in node-http-langdetect (npm)

The package node-http-langdetect was found to contain malicious code...

7.2AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-29249 Malicious code in pii-detector (npm)

The package pii-detector was found to contain malicious code...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/08/12 12:0 a.m.3 views

Surpassing the PLOB Bound in Continuous-Variable Quantum Secret Sharing Using a State-Discrimination Detector

Continuous-variable quantum secret sharing CVQSS is a promising approach to ensuring multi-party information security. While CVQSS offers practical ease of implementation, its present performance remains limited. In this paper, we propose a novel CVQSS protocol integrated with a...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/08/11 12:0 a.m.4 views

BlindGuard: Safeguarding LLM-Based Multi-Agent Systems under Unknown Attacks

The security of LLM-based multi-agent systems MAS is critically threatened by propagation vulnerability, where malicious agents can distort collective decision-making through inter-agent message interactions. While existing supervised defense methods demonstrate promising performance, they may be...

7.3AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2025/08/08 1:0 p.m.9 views

It Looks Like a School Bathroom Smoke Detector. A Teen Hacker Showed It Could Be an Audio Bug

A pair of hackers found that a vape detector often found in high school bathrooms contained microphones—and security weaknesses that could allow someone to turn it into a secret listening device...

7.3AI score
Exploits0
Rows per page
Query Builder